Boost :

From: Peter Dimov (pdimov_at_[hidden])
Date: 2005-04-24 08:02:50

• Next message: Peter Dimov: "Re: [boost] Re: aligned_storage not a POD?"
• Previous message: Peter Dimov: "Re: [boost] [threads] Future directions (Was: TR2 and C++0x heads up)"
• In reply to: David Abrahams: "[boost] Re: Yet Another Network Library"
• Next in thread: David Abrahams: "[boost] Re: Yet Another Network Library"
• Reply: David Abrahams: "[boost] Re: Yet Another Network Library"

David Abrahams wrote:
> "Giovanni P. Deretta" <lordshoo_at_[hidden]> writes:
>
>> - It is extremely insecure. In a network library security must be
>> paramount. If the transport type were encoded in the address, it
>> would be much harder to validate externally received addresses. A
>> similar argument can be made for the port numbers. It is better to
>> keep these things separated. The library user can create its own
>> indexed factory collection if it really needs to.
>
> That's a very convincing argument.

No, it isn't. If you analyze the security of the two cases carefully you'll
see that there isn't much of a difference, except that the
"transport-encoded" type gives you one bit of extra information, the
transport, which you can check against your expectations.

• Next message: Peter Dimov: "Re: [boost] Re: aligned_storage not a POD?"
• Previous message: Peter Dimov: "Re: [boost] [threads] Future directions (Was: TR2 and C++0x heads up)"
• In reply to: David Abrahams: "[boost] Re: Yet Another Network Library"
• Next in thread: David Abrahams: "[boost] Re: Yet Another Network Library"
• Reply: David Abrahams: "[boost] Re: Yet Another Network Library"

Boost list run by bdawes at acm.org, gregod at cs.rpi.edu, cpdaniel at pacbell.net, john at johnmaddock.co.uk