[Nagiosplug-devel] Re: check_by_ssh patch

Andreas Ericsson ae at op5.se
Wed Mar 31 09:09:04 CEST 2004


Paul L. Allen wrote:
> Andreas Ericsson writes:
>> and that it is a fair amount slower (even with the epn) than a 
>> properly written C-program. 
> 
> It depends very much on what you're doing with it.  For number-crunching
> it is slower, for uses where it runs, does a few things, then terminates
> then the difference can be a lot smaller.
> 
Datacrunching in general. check_ifoperstatus runs in 6 seconds real time 
whereas a shellscript checking multiple interfaces at the same time runs 
in 1 second.

>> Also, Perl isn't, and never will be, an industrial strength 
>> programming language.
> And
> defining a programming language as "industrial strength" first requires
> you to state whether you are basing your definition on programmer
> efficiency, CPU efficiency, memory efficiency or other criteria. 

Language possibilities. If you can't do it in C, it can't be done at all.

> Perl
> has a lot of stuff that C lacks without adding libraries that are not
> a standard part of C. 

But not without perl modules.

> Useful stuff like data structures, regexes and
> memory management. 

Ofcourse it has memory management. Every script language in the world 
does memory management, and virtually every script language has data 
structures.

> Stuff that allows perl programmers to be more
> productive and means they don't have to take care to avoid buffer
> overflows.

There's always a tradeoff in development time if execution time is more 
important. This is true in perl as well.

>> This means that some things just can't be done without C-coding anyways.
> 
> Most things can be done in perl without C coding, although a small number
> of them would be a little inefficient. 

A gross overstatement followed by an equally gross understatement.

> Most, but not all, syscalls can be
> handled by perl.  For the few that cannot you need an XS module to provide
> the glue.  Since perl is Turing-complete, with a little XS to take care
> of the small number of syscalls that return multiple values and which
> are not already accessible natively, it can do anything you can do in C.
> 
So what you're saying is;
Code it in C, then write some more code so that the third layer of code 
you write (the perl script) can access the code you wrote first.
How does this make development time faster and more efficient? Those 
same functions can be called and linked from any C program without the 
intermittent layer and the top-level code.

>> If we set all that aside there is still the issue of having every bug 
>> ever intoduced in Perl spread to every plugin written in it
> 
> As opposed to every bug ever introduced into the C compiler and libraries,

... which ALSO fan down into Perl.

> along with every bug introduced by plugin authors being careless with
> buffer overflows and who use printf without a format specification. 

A plugin is not a big thing to audit. Fix the bugs and you're back in 
the fast lane again.

> You
> are surely trolling here.
> 
Yada yada.


>> (currently mostly temporary filehandling stuff).
> 
> For which there are three solutions.  One of which is not recommended
> because it relies upon C's tmpfile(3) implementation - which is broken
> on some systems.
> 
And should be fixed to be secure and honor the $TMPDIR environment variable.

>> Also, what happens if one or more perl-scripts need to be setsuid?
>> Will Nagios have to run as root, or will the epn be able to handle it 
>> properly?
> 
> Anyone who was in a position to know what they were talking about when
> commenting on the deficiencies of perl would know that Nagios does not
> have to run as root to run a setuid script. 

I know that, but how does it work under the hood? If perl (the program) 
is invoked every time a precompiled image needs to execute I seriously 
doubt the effectiveness of the epn. If it doesn't, then how can it the 
elevated privileges of the script be retained?
That's why the epn was mentioned in the follow-up question.

On a personal note;
I really don't like your tone. You dismiss without knowing, you are 
arrogant when you should be humble and you are stubborn enough to teach 
a mule.

-- 
Mvh / Best Regards
Sourcerer / Andreas Ericsson
OP5 AB
+46 (0)733 709032
andreas.ericsson at op5.se




More information about the Devel mailing list