[Bro-Dev] Configuration framework syntax proposal
Siwek, Jon
jsiwek at illinois.edu
Fri Sep 22 08:59:08 PDT 2017
> On Sep 21, 2017, at 11:50 AM, Johanna Amann <johanna at corelight.com> wrote:
>
> The feature that the
> configuration feature wants to bring is the ability to change options
> during runtime - which cannot be accomplished with redefs. redef-able
> consts will still have their place afterwards (for everything that still
> cannot be changed during runtime).
Just had a misc. thought related to the use of ‘const’:
I remember first being confused/unfamiliar with Bro’s use of ‘const’ and thought it meant “never changes” only to learn it’s further qualified as “never changes at run-time” so that the ‘const’ + ‘&redef’ combo ultimately means “never changes at run-time, but initial value may be changed at parse-time”.
Though, technically, ‘const’ can still be modified at run-time, if you know how… e.g. send_id...
And that’s maybe all ok -- it’s easy to explain unfamiliar context as I did above and the means of subverting runtime modification restrictions isn’t actively advertised as such. Though, with a new config framework, there’s opportunities:
1) could remove need for the backdoor method of modifying ‘const’ values at runtime, (e.g. via send_id) as that’s done through new identifiers explicitly tagged for config purposes
2) using a new ‘configopt’ access modifier may be warranted over re-using ‘const’ for configuration values as the semantics are now blatantly different than what ‘const’ is expected to mean. i.e. config values are meant to change at run-time, but only via a restricted API and ‘const’ is still intended to never change at run-time
- Jon
More information about the bro-dev
mailing list