From mboxrd@z Thu Jan  1 00:00:00 1970
Received: (from majordomo@localhost) by pauillac.inria.fr (8.7.6/8.7.3) id VAA13468; Sat, 28 Feb 2004 21:29:49 +0100 (MET)
X-Authentication-Warning: pauillac.inria.fr: majordomo set sender to owner-caml-list@pauillac.inria.fr using -f
Received: from nez-perce.inria.fr (nez-perce.inria.fr [192.93.2.78]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id VAA12092 for <caml-list@pauillac.inria.fr>; Sat, 28 Feb 2004 21:29:48 +0100 (MET)
Received: from aomori.annexia.org (annexia.force9.co.uk [212.56.101.183])
	by nez-perce.inria.fr (8.12.10/8.12.10) with ESMTP id i1SKTrIq023671
	for <caml-list@inria.fr>; Sat, 28 Feb 2004 21:29:53 +0100
Received: from rich by aomori.annexia.org with local (Exim 3.36 #1 (Debian))
	id 1AxB5c-00019q-00; Sat, 28 Feb 2004 20:29:36 +0000
Date: Sat, 28 Feb 2004 20:29:36 +0000
To: Thomas Fischbacher <Thomas.Fischbacher@Physik.Uni-Muenchen.DE>
Cc: David MENTRE <dmentre@linux-france.org>, caml-list@inria.fr
Subject: Re: [Caml-list] How to secure an OCaml server
Message-ID: <20040228202936.GA3960@redhat.com>
References: <87llmnme9b.fsf@linux-france.org> <vfioerj9msl.fsf@tuba.is.s.u-tokyo.ac.jp> <20040228165400.GA24495@redhat.com> <Pine.LNX.4.58.0402281805260.5837@seekar.cip.physik.uni-muenchen.de> <877jy7kn52.fsf@linux-france.org> <20040228202011.GA3551@redhat.com> <Pine.LNX.4.58.0402282125360.7058@seekar.cip.physik.uni-muenchen.de>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <Pine.LNX.4.58.0402282125360.7058@seekar.cip.physik.uni-muenchen.de>
User-Agent: Mutt/1.5.4i
From: Richard Jones <rich@annexia.org>
X-Miltered: at nez-perce by Joe's j-chkmail ("http://j-chkmail.ensmp.fr")!
X-Loop: caml-list@inria.fr
X-Spam: no; 0.00; caml-list:01 2004:99 hashes:01 hashtbl:01 team's:01 ltd:98 ocaml:01 ocaml:01 wrote:03 wrote:03 suppose:03 perl:03 prototype:04 investment:94 practice:06 
Sender: owner-caml-list@pauillac.inria.fr
Precedence: bulk

On Sat, Feb 28, 2004 at 09:28:07PM +0100, Thomas Fischbacher wrote:
> 
> On Sat, 28 Feb 2004, Richard Jones wrote:
> 
> > This is a new type of vulnerability discovered fairly recently. 
> 
> I am not sure about this, as I can hardly imagine that some clever souls 
> may not have thought of such problems much earlier. I suppose, the big 
> problem is the seductive easiness of hashes and their popularization by 
> perl...

Of course _I_ always recommend using assoc lists instead of Hashtbl
with OCaml nowadays.  This has the feature that it's _always_
O(big something) so DoS attacks are never a problem :-)

Rich.

-- 
Richard Jones. http://www.annexia.org/ http://www.j-london.com/
Merjis Ltd. http://www.merjis.com/ - improving website return on investment
'There is a joke about American engineers and French engineers. The
American team brings a prototype to the French team. The French team's
response is: "Well, it works fine in practice; but how will it hold up
in theory?"'

-------------------
To unsubscribe, mail caml-list-request@inria.fr Archives: http://caml.inria.fr
Bug reports: http://caml.inria.fr/bin/caml-bugs FAQ: http://caml.inria.fr/FAQ/
Beginner's list: http://groups.yahoo.com/group/ocaml_beginners