From owner-freebsd-chat Sat Sep 27 22:16:03 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id WAA07517 for chat-outgoing; Sat, 27 Sep 1997 22:16:03 -0700 (PDT) Received: from obie.softweyr.ml.org ([199.104.124.49]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id WAA07458 for ; Sat, 27 Sep 1997 22:15:44 -0700 (PDT) Received: (from wes@localhost) by obie.softweyr.ml.org (8.7.5/8.6.12) id XAA21150; Sat, 27 Sep 1997 23:23:11 -0600 (MDT) Date: Sat, 27 Sep 1997 23:23:11 -0600 (MDT) Message-Id: <199709280523.XAA21150@obie.softweyr.ml.org> From: Wes Peters To: Sean Eric Fagan CC: chat@freebsd.org Subject: Re: Microsoft brainrot (was: r-cmds and DNS and /etc/host.conf) In-Reply-To: <199709280254.TAA20632@kithrup.com> References: <199709272127.OAA11524@usr08.primenet.com> <19970928101941.03210.kithrup.freebsd.chat@lemis.com> <199709280254.TAA20632@kithrup.com> Sender: owner-freebsd-chat@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Sean Eric Fagan writes: > But writing a Tk-based program to do it takes less. I've got someone who > wants to do it -- he is simply lacking in time. A bit of prodding, and he > may be willing to make time to do it. ("it" in this case is a GUI interface > to the real-time named editing that Paul has put into BIND 8.something -- so > you don't edit the host files any longer, you can have named edit them for > you. There are some obvious security implications, of course.) Yeah, and the Tk program *could* be a great deal more portable. I think Tcl/Tk is idea for this type of work. The result would probably be slightly more ugly than say, C++, but still manageable. Please forward my e-mail address on to your "somebody," with a request that he contact me via e-mail. I'd like to correspond with him on this subject if he is at all interested. > "The experienced user will know what to do." > > Most people don't need all that information; most people just need to set up > a fairly standard configuration. That's what the "friendly" tools are for. > And the files are still editable for the people who know what they are > doing, and what they want. > > Having a simple "create a standardized named.boot, .zone, and > .rev file" shell script, which would ask a couple of questions, > would suffice in Terry's case. Of course, he could write that shell script > pretty easily, and submit it. Except, of course, that people have this > tendency to just reject anything Terry says *because* it's from Terry :). Well, I've known Terry long enough, and personally enough, to never discredit what he says without careful consideration. As I said in my previous message, though, I do think both he and Greg missed the point by 90 degrees. It's not a question of GUI vs. editor, it's a question of representing the data the user as a meaningful set, which is not something any of the commonly available DNS tools currently do. > And if 99.99% of the computer users can't understand the question, what > makes you think they'll want to fiddle with the bits that the GUI program > doesn't allow them to? Good point. Perhaps we're asking the wrong questions? ;^) > I don't know my license plate. > > I know what my car looks like, and I remember vaguely where I parked it. Oh, your car is an object, with distinctive physical characteristics, and you recognize it by those characteristics. In the world of human interface designers, this is quite important. Unfortunately, the computer crowd seems to have skipped over this important fact, favoring long strings of alphanumerics with silly rules about placement instead. > This caused me a problem, once, when there was someone parked an identical > car next to mine (same year, colour, model, and transmission type -- only > difference was that this imposter car had some rosary beads hanging from the > rear-view mirror, which I noticed just as I put the key in the lock). So you had to "zoom" in order to differentiate the objects? See how we can make our user interfaces really mimic the real world? (Jeez, I'm enjoying this.) > What that has to do with anything, I don't know -- you're refusing to see > Terry's point, possibly because it's Terry, and Terry is going on about a > grand unified field theory when he could have solved the special relativity > problem and gotten his nobel prize by now. :) Greg said: % Then why don't you do it and import the configuration to your UNIX % box? I'd like to see it, if only to pick holes in it. How do you set % up a HINFO RR? An ISDN RR? > Most people don't need to set up an ISDN RR. I don't even know what that > is. I certainly don't have one. > > Few people seem to bother setting up an HINFO RR these days. I don't, I > think. But it's certainly easy enough to set up. Many "organizations" disallow HINFOs because they can be a security breach. Ex: hacker does 'nslookup -type=hinfo foo.bar.com', discovers it is a FooStation 1100 running Foonix 7.11. He pokes around, discovers Foonix 7.11 has that awful 11:00 p.m. ftp server switchover bug, and breaks in. You've just published to him how to break into your server. The DNS configuration would ideally be configurable enough to remove these from existing databases and mark fields as "forbidden", so new and/or naive users wouldn't inadvertantly violate security policy. On the other hand, wouldn't it be nifty to shift-click (or right-click, or whatever) on the "foo" object within the "bar.com" domain view and see all the possible attributes of "foo." Including those that are not specified, and those inherited from "bar.com", displayed in some special manner to indicate they are inherited? > Of coruse, since Paul wants to have BIND handle arbitrary resource records, > it's unlikely that any front-end interface is going to be able to handle all > cases. Unless, of course, you allow the front-end interface to generate arbitrary RRs as well. This shouldn't be all that difficult. -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC http://www.xmission.com/~softweyr softweyr@xmission.com