Re: supporting second tier OSes
David P. Kemp (dpkemp@missi.ncsc.mil)
Fri, 8 Sep 1995 09:23:34 -0400
>
> My answers would be "HP, and beat on my developers to write portable
> code", "What's the next most common UNIX box in that list?", and "After
> a couple of rounds it should be a matter of typing "make"..."
That's the right answer, but to the wrong question.
Everyone ought to be writing portable code, but POSIX.1 by itself won't
do the job because it's woefully incomplete. Using POSIX interfaces
will help you pick the portable alternative between index() and strchr(),
but what do you do for networking? POSIX.1 defines no network calls,
so you do the next best thing and use the de-facto standard, BSD sockets.
Presumably Spec-1170 will cover a wider range of applications than POSIX
since they threw in everything including the kitchen sink, but it still
can't cover every possible application. Audit is one of the missing ones.
With every vendor defining their own API for generating C2 audit records,
method of controlling which events will be audited, and format of saved
data, writing a portable audit reduction tool is more than "writing
portable code and typing 'make'". Since auditing is not used at all by
most customers, the various vendors may have bugs in their audit
implementations ranging from annoying to nearly insurmountable.
I'd be inclined to believe that there is a large cost of developing for
each new platform that cannot be avoided, even by using the best possible
software engineering practices.