raising warning flag on firewalld-default feature

Kevin Kofler kevin.kofler at chello.at
Thu Nov 22 02:54:00 UTC 2012


Przemek Klosowski wrote:
> You say it yourself---if you need Turing, you have to put him in
> somewhere. You argue that the complex logic HAS to go in the native
> code, but that is inflexible. PolicyKit needed flexibility so they used
> weird data; they combined inflexibility of native code with
> inscrutability of complex logic in interpreted input. Plus they still
> have a run-time and maintenance overhead of the interpreter, which they
> were trying to avoid by designing a native code implementation.
> 
> Interpreters do not preclude simple data: they just scale better, from
> simple linear declarative data to complex, Turing-cranking swamp. The
> only argument against it is runtime overhead, which isn't a problem in
> many, if not most, cases.

Runtime overhead is always a problem. It makes things pointlessly 
inefficient. Plus, JavaScript configuration is a PITA to maintain 
(especially for the user, who's normally NOT a programmer!). Configuration 
has no business being scriptable. A key-value store is not and should not be 
a script. Logic needs to be in code, not in configuration. Soft coding 
sucks: http://thedailywtf.com/Articles/Soft_Coding.aspx

        Kevin Kofler



More information about the devel mailing list