On Sun, Sep 14, 2008 at 12:02 PM, Ned Freed
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
On Sat, Sep 13, 2008 at 8:59 PM, Ned Freed
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
On Sat, Sep 13, 2008 at 5:27 PM, Ned Freed
<ned(_dot_)freed(_at_)mrochek(_dot_)com> wrote:
I've recently added an option to my Sieve implementation to limit the
number of Sieve redirects in a script.
We have a similar option.
any particular reason for adding this restriction?
You mean aside from the fact that RFC 5228 flatly requires it?
from RFC5228:
10. Security Considerations
...
(2) MUST provide the means for administrators to limit the ability of
users to abuse redirect. In particular, it MUST be possible to
limit the number of redirects a script can perform.
Additionally, if no use cases exist for using redirect to
multiple destinations, this limit SHOULD be set to 1. Additional
limits, such as the ability to restrict redirect to local users,
MAY also be implemented.
"flatly" seems to be a little of an overstatement.
OK...
the RFC seems to be
agnostic about the way this effect should be achieved. there is a
reasonable argument that this requirement may be better implemented by
a system assembler than in a script interpretor.
I have no idea what a "system assembler" is or how it relates to this.
it's a role. if you're doing COP then an application is composed by
assembling various components together. the system assembler is one
name given to individual responsible for assembly.
If you're talking about implementing the limit exclusively in the script
editor or
managesieve interface, the problem with that is it leeaves a hole should any
user be able to install a script through any other means.
no: that's not what i'm taking about
Email systems can be
very complicated with lots of different ways of doing things,
true
which means that responsibility for checking this should probably fall
to the application creator (if you prefer that term) rather than a
component creator
making it very hard to guarantee the effectiveness of anything other than a
hard evaluation
time limit.
depends on what you mean by evalution time. i agree if you mean action
execution time.
I also cannot think of anything simplier than a counter and test in the Sieve
evaluator.
the downside of this separation of concerns is that the script
interpretor may not really know what actions an application is
actually going to perform upon redirect
<snip>
BTW do any sophisticated editors actually exist yet?
I've seen editors that allow the construction of fairly complex rules. But I
don't think this makes them "sophisticated". "Sophisticated" in my book means
an editor that operatoes on the actual Sieve code rather than depending on
some
kind rule metadata (usually embedde in script comments) to figure out what's
going on. A really sophisticsted one would handle nested conditionals and
other
more complex coding structures.
And the answer is no, I haven't seen any editors I would regard as truly
sophisticated. I'd like to try and write one myself, but it's a really big
project and I simply do not have the time.
it might be possible to use the eclipse to generate an editor from the
xml version of sieve but sieve is not expressive enough ATM for my
mail filtering (i generate my scripts from higher level meta-data) so
creating a basic editor is of no interest to me
- robert