Bugtraq mailing list archives
Re: at the risk of another flamefest..
From: bmc () telebase com (Brian Clapper)
Date: Tue, 16 Jul 1996 08:24:04 -0400
"Mike" == Mike Neuman <mcn () EnGarde com> writes:
Mike> To fan the flames a bit, I find it amazing that people are Mike> complaining that C is at fault for their lousy programming... There are reasons why languages like Ada are preferred over C in safety-critical systems. Mike> In any case, to add yet another level of indirection to the above Mike> argument, Mr. Bradley is forgetting that Unix itself is written in Mike> C. As a result, perl may have no bound problems, and so will the Mike> resulting compiled perl code, but the operating system itself could Mike> still have problems (a la syslog() ). Which is more or less beside the point. Just because the operating system (or, to be more precise in this case, the user-level library used to communicate with the syslog daemon) may be riddled with boundary violations and off-by-one errors does not mean you should abandon decent, alternate languages when choosing to implement *your* safety-critical or security-aware code. I, too, program primarily in C/C++. However, there are plenty of times I've wished for a little help from the language in detecting off-by-one errors and boundary violations. In the absence of built-in run-time support for such things, I'm forced to roll my own boundary checks using assert(). (The assert() macro is, of course, useful for other things, too. I recommend it heartily to all defensive programmers.) Being human, though, I can make mistakes and miss a crucial check. Having the compiler back me up is a nice feature, provided I don't allow it to make me a lazy programmer. Having other qualified programmers walk through my code is another good back-stop; however, that's perhaps a separate topic. ---- Brian Clapper .............................................. bmc () telebase com http://www.netaxs.com/~bmc/ ............. PGP public key available on request It is clear that the individual who persecutes a man, his brother, because he is not of the same opinion, is a monster. -- Voltaire
Current thread:
- Re: at the risk of another flamefest.. Peter Jeremy (Jul 15)
- Re: at the risk of another flamefest.. David Stagner (Jul 15)
- identd hole? Brett L. Hawn (Jul 15)
- Re: identd hole? Rob Quinn (Jul 16)
- <Possible follow-ups>
- Re: at the risk of another flamefest.. Eugene Bradley (Jul 15)
- Re: at the risk of another flamefest.. Eugene Bradley (Jul 15)
- Re: at the risk of another flamefest.. Mike Neuman (Jul 15)
- Re: at the risk of another flamefest.. Brian Clapper (Jul 16)
- Re: at the risk of another flamefest.. David Miller (Jul 16)
- Re: at the risk of another flamefest.. David Stagner (Jul 16)
- [linux-security] sliplogin David Holland (Jul 16)
- Re: at the risk of another flamefest.. Steve \ (Jul 16)
- Re: at the risk of another flamefest.. Eugene Bradley (Jul 16)