Subject: Re: Trouble with PCI, VGA, 32Mbyte
To: None <firstname.lastname@example.org>
From: Charles M. Hannum <email@example.com>
Date: 06/10/1995 20:00:26
> No; that's the least of the problems. The most annoying problem is
> that, e.g/, a trivial typo can turn a CHANGE DEFINITION command into a
> FORMAT UNIT command -- definitely not what the user intended, and by
> the time he/she notices, it's way too late.
> This is a very unsafe interface, and I would definitely not want
> random users to experiment with it.
I'm sure Charles meant that this was a sucky interface for a disk
formatting utility, and not that it is a sucky interface for a
general "send an arbitrary CDB" to a SCSI device.
No, and you can see from my example that I didn't mean that. In the
specific case I cited, the user would indeed be using it to send an
arbitrary command to the device.
There are a few obvious ways it can be made reasonably safe:
* Allow a mnemonic name for the command, and always use the mnemonic
names when suggesting something to a user.
* Verify the CDB length when possible.
* Unless another option is given, disallow any command that would
modify the device's state in a significant way.
None of these would restrict the functionality of the program in any
way, except that the 2nd would disallow sending some invalid CDBs.