Doing random things over at http://musteat.org
246 stories
·
4 followers

An UPDATE without a WHERE, or something close to it

2 Shares

I know I've already commented on a certain site's big outage twice now, but I have one more bit of rumor to share, and it apparently invalidates what I had heard previously. That is, it may not have been a matter of "show X Y" vs. "clear X Y", but rather some kind of automation that went a bit too far.

Essentially, the story is now this: let's say you want to do something to a given item, be that a router, switch, server, or whatever. You go to some management interface for it, and say, okay, take this thing out of service, shut it down, reboot it, drain it, set it on fire, whatever. But, what if the interface only asked you to specify which one somehow?

Then, what if you didn't have to actually type something in to hit the button? Maybe you forgot, or something else happened, and you didn't fill it in, so when you did that, it said "okay, cool then" and did all of them instead?

Go to tool, type in target, hit button, single target is affected.

Go to tool, don't type in target, hit button, ALL targets affected.

If true, that sounds like a violation of the principle of least surprise, particularly when the impact can be so big.

It sounds like another kind of "footgun" (you know, something you can use to shoot yourself in the foot) from the world of databases: an UPDATE without a WHERE.

For the not-SQL-inclined in the crowd, you can tell a database to do something like this:

UPDATE my_table SET invalid = true WHERE asset_id = 1012;

It'll then go and set that bit on any column where asset_id is equal to 1012. If that column (asset_id) has unique values, then that's one row. If nothing matches it, then no rows will be changed.

Imagine what happens when you forget the WHERE. It's the last thing on the line as shown, so you could send off the command early and it would totally work. It would look like this:

UPDATE my_table SET invalid = true;

And... guess what, without that WHERE, it just set that bit everywhere. Everything is marked invalid, and your business might suffer for it.

There's plenty more on this topic that I won't go into here, like the "I am a dummy" thing in MySQL, adding a limit (to the query or otherwise), and so on. Just know that it's a pattern, and you will see it again.

Final note on the "do all the things" thing: maybe the tool actually is supposed to let you do that. In that case, maybe it would be good if it said something like "you are about to drain 123,456 devices, so type in that exact number to proceed". You know, that kind of thing. It tends to add enough of a pause to prevent some disasters.

Read the whole story
smarkwell
9 days ago
reply
kazriko
9 days ago
I always build my update queries based on select queries... I make the select query first, make sure it has the rows I want, then I change everything but the where clause...
smarkwell
4 days ago
I don't think it was a literal SQL statement, more conceptually. But yes, I hate that SQL has you specify the WHERE clause at the end of a DELETE/UPDATE statement. Granted, you generally should never be writing side effecting SQL manually against a production database, IMO, but it still needs to happen as part of operations for a variety of reasons.
Share this story
Delete

Leaving Afghanistan

1 Share

Today, the last US military plane departed Kabul, putting an official end to the American war in Afghanistan as we have known it for the last twenty years. There are still some American civilians left in the country that need to be evacuated, and a ravaged nation left behind in turmoil and fear; but the […]

The post Leaving Afghanistan appeared first on Terminal Lance.

Read the whole story
smarkwell
58 days ago
reply
Share this story
Delete

Using Jlink in Dockerfiles instead of a JRE

1 Share
The Eclipse Temurin project is excited to announce that the official docker images for Temurin binaries are now available on Docker Hub…
Read the whole story
smarkwell
67 days ago
reply
Share this story
Delete

IRC: run it or use it, but try to avoid doing both

1 Share

There's a pretty big round of crazy going on in the free software/open source IRC sphere of late. I won't get into the specifics here - it's all over Hacker News and whatnot. (If you find this post years from now, you should check out HN's "past" feature. It'll help with context. Hint: "freenode".)

It's fortunate that I have no involvement with the goings-on of the past few weeks. My own chat situations happily do not intersect with where all of the drama has been happening.

I have only one piece of unrequested advice for anyone who thinks about running (or owning, I guess) an IRC network and/or *using* an IRC network: pick one or the other, but never both.

If you run the servers, don't hang out on channels and chat.

If you hang out in channels and chat, don't run the servers.

Otherwise, there's a good chance you will end up in some kind of squeeze, whether from other people, or inflicted by yourself (and ON yourself) in some fit of prideful stupidity.

I know this sounds bizarre, but it's been my experience that the best-run non-corporate IRC situations happened when the server and/or bot owners (depending on what the scope was at the time) were at least aloof and not "plugged in" to the day to day circumstances of the people and personalities on the channel(s). They just ran the stuff, and the "more involved" people used that stuff to do whatever they did.

Basically, the last thing you want is to have that kind of all-encompassing power, where you can pull the plug, drop the banhammer, or do other really terrible things... and then go and DO that stuff based on some pissing contest you got into with other people.

So, you know how OpenBSD pioneered W^X? A page in memory is writable or executable, but never both? Try doing that with your chat networks, if it applies to you. Run 'em or use 'em, but don't try to juggle both.

I know, I don't think anyone will be able to actually accomplish this. But, I figured I'd say it anyway, in case someone out there with a fantastic sense of restraint is out there and can benefit from it.

Take it from someone who did dumb things as a kid. Okay? Okay.

...

Side note: I said "non-corporate" because situations where you're on the company IRC server don't work this way, unless your company is somehow super-duper screwed up. There should *never* be any question about how a channel runs in that kind of world. There should not be any need for "ops" powers, aside from fixing stupid things caused by dumb programs.

The benefit of "this IRC network == only company X employees" is that there's a framework _outside_ the network for managing things. That means the network itself disappears into the background and is just like any other utility you assume will be there, like the lights, water, or air conditioning.

Of course, if your company has somehow managed to turn its IRC system (or let's face it, any other chat backend) into the kind of shit-flinging jungle that the world at large can become at times, you have much much bigger problems.

Read the whole story
smarkwell
151 days ago
reply
Share this story
Delete

Types of Scientific Paper

4 Comments and 11 Shares
Others include "We've incrementally improved the estimate of this coefficient," "Maybe all these categories are wrong," and "We found a way to make student volunteers worse at tasks."
Read the whole story
denubis
182 days ago
reply
Ok, just... need to look at my publications list:

Most recent (https://osf.io/preprints/socarxiv/sbwcq/) is "Some thoughts on how everyone else is bad at research" Then a bunch of "this task I had to do anyways" Then a "hey, this method can produce results"

I feel *so seen.* Wait, is this good?
smarkwell
182 days ago
reply
Share this story
Delete
3 public comments
k
58 days ago
reply
W
shrysr
176 days ago
reply
Lmao
Vancouver
alt_text_bot
183 days ago
reply
Others include "We've incrementally improved the estimate of this coefficient," "Maybe all these categories are wrong," and "We found a way to make student volunters worse at tasks."
dlwright
182 days ago
And the all time favourite "See, I did need that grant money."
ianso
182 days ago
First of a series, I'm sure!

AI Methodology

1 Comment and 4 Shares
We've learned that weird spacing and diacritics in the methodology description are apparently the key to good research; luckily, we've developed an AI tool to help us figure out where to add them.
Read the whole story
smarkwell
194 days ago
reply
Share this story
Delete
1 public comment
alt_text_bot
194 days ago
reply
We've learned that weird spacing and diacritics in the methodology description are apparently the key to good research; luckily, we've developed an AI tool to help us figure out where to add them.
Next Page of Stories