[cs615asa] HW6 grades

Jan Schaumann jschauma at stevens.edu
Sun May 14 22:41:03 EDT 2017 

All,

I've sent out grades for HW6.  With this, you have all the grades for
all assignments (assume full credit for the CtF unless you received
feedback for any of the levels that you would get partial credit) and
thus the ability to calculate your letter grade.

I will submit letter grades to the registrar most likely tomorrow,
Tuesday the latest.

A few notes on HW6:

- Many of you appear not to be aware of the "getopts" functionality
  provided by virtually all programming languages, including the
  standard bourne shell.  Review this -- manually parsing command-line
  options is more complicated than you think and you end up writing a lot
  of unnecessary code if you try to do it yourself.

- Many of you had trouble identifying the correct user to ssh to the
  instances as.  This was a hidden complication that wasn't obvious from
  the beginning, but you all had to solve it somehow.  The interesting
  thing here is how you tried to do that.  You cannot try to log in as
  one user and if that fails try the next one: failure to log in can
  have any number of causes.  Instead, you probably require an internal
  mapping of instance descriptions to likely user accounts with a
  fallback to 'root'.  This is necessarily error prone; a flaw in the
  program definition / requirements.

- Copying a file system hierarchy requires more than just "scp".  At a
  minimum, you need to recursively copy the source directory, but that
  does not preserve ownership or permissions.  "rsync" is a good
  solution, but that's not available on all systems.  "tar" is a better
  solution.

- You can't copy data from the source instance directly to the target
  instances, as that requires (a) SSH to be setup on the source instance
  and (b) the source instance to be able to talk to the destination
  instances.  You need to copy data through your host, but at the same
  time you have the problem that you do not want to locally store data
  (scalability requirements make this tricky).

  ssh host1 tar | ssh host2 tar

  is one reasonable solution here.

- You can't assume that the aws command-line tools generate output in
  text, nor can you assume it's json.  If you are only prepared to
  handle either format, then you need to explicitly request it.

- Don't use temporary files.  You're going to get it wrong.  Safely
  handling temporary files is much more complicated than you think: you
  need to account for the correct location (the current working
  directory is not one), the creation of safe directories to avoid
  e.g. symlink attacks, signal catching to clean up afterwards, etc.
  etc.

  Whenever you think "I know, I'll stash this info in a temporary file",
  stick a needle in your eye to remind you that that's a bad idea.

- All of your git commit messages are useless.  I don't think I've seen
  a single meaningful commit message.

- Team work requires that you actually work as a team.  Working
  individually and then trying to mash together the two results is not a
  good approach.  Teams need to communicate and collaborate.

-Jan

More information about the cs615asa mailing list