[Bro-Dev] 0MQ security considerations

Matthias Vallentin vallentin at icir.org
Mon Jul 18 11:05:19 PDT 2011


Although it seems that folks have settled on pthreads, I still would
like to add my two cents, biased by my own experience with C++11 (aka
C++0x).

On Jul 08 2011 at 06:22AM PDT, Robin Sommer wrote:
> I forgot the obvious one yesterday: Intel's TBB. That's what the
> multi-core Bro prototype is already using, and it's main thread
> abstraction is (almost?) compatible to C++0x. 

I've been using C++11 for quite a while now and can only say that it
feels like it was overdue. One writes much less boilerplate for what one
wants to achieve (e.g., functors) and many mature components from the
Boost libraries found their way into the C++11 standard library:
threads, tasks/futures, smart pointers, SFINAE helpers like
boost::enable_if, RNGs, etc. Overall, I find myself needing less time to
write more code that actually does something.

Except for the thread-safe data structures (which we can wrap ourselves,
e.g., thread-safe queues) and the TBB scheduler (which we don't plan to
use IIRC), C++11 meets our needs from a feature standpoint. The benefit
would be avoiding licensing hassles and reaping the, erm, somewhat
underappreciated improvements that come for free :-). Now that the
standard is sealed, everybody will use C++11 in a few years and widely
used compilers like gcc will have implemented the full standard. I just
want to point out that we might oversee a free lunch down the road.

> But somebody has maintain the code that's *using* Boost ... My main
> concern is actually that once we have Boost, folks will immediately
> start using pretty much any feature it provides. :-)

The main problem I see here is that Boost is a mixed bag: some libraries
are really high quality (and thus made their way into the new standard)
while others still need time to mature and are of experimental nature.
If we really want to use Boost (say to have a platform-independent
networking library), we could whitelist the Boost components that we
allow in Bro.

While we're at it, Boost Asio is a nice library not only for
platform-independent networking, but also to structure computation at
the granularity of tasks. It also plays nicely with C++11, i.e.,
facilities the implementation of user-space thread scheduling. Unlike
0mq, it does not feature a messaging subsystem; we would need to obtain
this functionality elsewhere. 

    Matthias


More information about the bro-dev mailing list