Full Disclosure mailing list archives

Re: Off topic programming thread


From: "Bill Royds" <full-disclosure () royds net>
Date: Wed, 29 Oct 2003 21:26:00 -0500

I downloaded and looked at Cyclone today and it looks like it would be a
good system to get developers to move to. Its only problem is that it also
adds to the C language (garbage collection, templates like C++, etc.), which
means that one has to edit standard C to compile, even for C that is not
using unsafe constructs.
  What would be more interesting is a stripped down version of this compiler
that did not expand on C syntax and constructs but limited ordinary C to
safe constructs, so that ordinary C's pointer syntax would be compiled into
the Cyclone "fat" pointer that holds array bounds and reference counts. The
unsafe pointer that only holds an address would not be the default but would
need to be cast explicitly if needed to call a C library.
 What is really needed is a C compiler that complains when one does pointer
arithmetic on unauthenticated pointers (arguments or results of malloc or
other calls); that has the NULL pointer actually stop use of unallocated
memory; that has free handle reference counting and prevents further use of
the pointer; and in which pointers have an associated descriptor that holds
the size of allocated memory and prevents out-of-bounds assignments, etc.
Raw C is too close to machine language to be used for high level code; even
Ritchie and Thompson said that.


----- Original Message ----- 
From: "Alexandre Dulaunoy" <alexandre.dulaunoy () ael be>
To: "Bill Royds" <full-disclosure () royds net>
Cc: "Brett Hutley" <brett () hutley net>; "madsaxon" <madsaxon () direcway com>;
<full-disclosure () lists netsys com>
Sent: Wednesday, October 29, 2003 9:07 AM
Subject: Re: [Full-disclosure] Off topic programming thread


On Wed, 29 Oct 2003, Bill Royds wrote:

I agree that one can write secure code in C, but I am saying that C
doesn't help in writing it.
Perhaps we need to "deprecate" some C standard library functions and
syntax

Various attempts to move to a specific dialect of C exist; I don't
really know the efficiency of that.

http://www.research.att.com/projects/cyclone/

On the other side, an interpreter of C can also be used to check
consistency of the software and reaction inside a 'kind of' VM.

http://root.cern.ch/root/Cint.html

It's only a part of the cake.

Every ingredient is important for the taste of the cake: taste is
security and cake is software.

-- 
--        Alexandre Dulaunoy (adulau) -- http://www.foo.be/
--    http://pgp.ael.be:11371/pks/lookup?op=get&search=0x44E6CBCD
--    "Knowledge can create problems, it is not through ignorance
--   that we can solve them" Isaac Asimov




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
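Editor's note: the following is an added sketch of the descriptor-carrying ("fat") pointer Bill describes above, written for this archive page and not code from the thread, from Cyclone, or from any real compiler. It assumes a hypothetical descriptor type fp_desc (base address, byte length, reference count), a handle type fatptr that points at it, and helper functions fp_alloc, fp_share, fp_release, fp_check, fp_read, fp_write and fp_raw, all invented here. Every access is authenticated against the descriptor, a NULL handle and a released handle are both refused, and the only way to get a thin address for a plain C library call is the explicit, bounds-checked fp_raw "cast".

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Hypothetical descriptor behind every pointer: base address, byte length
 * and reference count.  A handle is a pointer to the descriptor, so a
 * release performed through one handle is visible to every copy of it. */
typedef struct {
    unsigned char *base;   /* NULL once the block has been freed */
    size_t len;            /* addressable bytes starting at base */
    size_t refs;           /* live references; 0 means released */
} fp_desc;

typedef fp_desc *fatptr;

/* Result codes returned by every checked access. */
enum { FP_OK = 0, FP_NULL = -1, FP_FREED = -2, FP_OOB = -3 };

/* Allocate len zeroed bytes and return a descriptor holding one reference. */
fatptr fp_alloc(size_t len)
{
    fatptr p = malloc(sizeof *p);
    if (p == NULL) return NULL;
    p->base = calloc(len ? len : 1, 1);
    if (p->base == NULL) { free(p); return NULL; }
    p->len = len;
    p->refs = 1;
    return p;
}

/* Take an additional reference.  A raw copy of the handle that skips this
 * call is stale, and fp_check catches it once the last holder releases. */
fatptr fp_share(fatptr p)
{
    if (p != NULL && p->refs > 0) p->refs++;
    return p;
}

/* Drop one reference and clear the caller's handle.  When the count hits
 * zero the memory is freed but the descriptor is kept as a tombstone so a
 * stale handle fails with FP_FREED instead of touching freed memory.  (A
 * production design would recycle tombstones with a generation tag.) */
void fp_release(fatptr *hp)
{
    fatptr p = *hp;
    if (p == NULL || p->refs == 0) return;
    if (--p->refs == 0) {
        free(p->base);
        p->base = NULL;
        p->len = 0;
    }
    *hp = NULL;
}

/* Authenticate an access of n bytes at byte offset off. */
int fp_check(fatptr p, size_t off, size_t n)
{
    if (p == NULL) return FP_NULL;
    if (p->refs == 0 || p->base == NULL) return FP_FREED;
    if (off > p->len || n > p->len - off) return FP_OOB;  /* no size_t wrap */
    return FP_OK;
}

int fp_write(fatptr p, size_t off, const void *src, size_t n)
{
    int rc = fp_check(p, off, n);
    if (rc == FP_OK) memcpy(p->base + off, src, n);
    return rc;
}

int fp_read(fatptr p, size_t off, void *dst, size_t n)
{
    int rc = fp_check(p, off, n);
    if (rc == FP_OK) memcpy(dst, p->base + off, n);
    return rc;
}

/* The explicit "cast" to a thin pointer for calling plain C: the only way
 * to obtain a raw address, checked for the span the callee may touch. */
unsigned char *fp_raw(fatptr p, size_t off, size_t n)
{
    return fp_check(p, off, n) == FP_OK ? p->base + off : NULL;
}

int main(void)
{
    char buf[16] = {0};
    fatptr p = fp_alloc(8);
    printf("write 6 at 0: %d\n", fp_write(p, 0, "hello", 6));     /* FP_OK  */
    printf("write 6 at 4: %d\n", fp_write(p, 4, "world", 6));     /* FP_OOB */
    fatptr q = fp_share(p);
    fp_release(&p);                                 /* p is NULL, q still live */
    printf("read via q: %d (%s)\n", fp_read(q, 0, buf, 6), buf);
    printf("strlen via raw: %zu\n", strlen((char *)fp_raw(q, 0, 6)));
    fatptr stale = q;                               /* copied without fp_share */
    fp_release(&q);
    printf("use after release: %d\n", fp_read(stale, 0, buf, 1)); /* FP_FREED */
    printf("null handle: %d\n", fp_read(p, 0, buf, 1));           /* FP_NULL  */
    return 0;
}
```

The descriptor is kept as a tombstone after the last release on purpose: it is the cheapest way to make "prevents use of the pointer further" hold for handle copies the refcount never saw, at the cost of leaking one small struct per allocation.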

