Secure Coding mailing list archives
RE: How C# does fit the bill? (was: MISRA C)
From: "Erik Anderson" <eanderso () co kitsap wa us>
Date: Fri, 02 Jan 2004 15:20:24 +0000
"David Crocker" <[EMAIL PROTECTED]> 12/31/03 3:17:09 PM >>>
DC> What I would like to see is a widely-implemented, DC> well-designed, type-safe object-oriented language. DC> Eiffel comes close but is not widely implemented or DC> used. The present version of Ada (95) is a poor DC> choice for serious O-O development. Maybe in future DC> we will see a C++ subset based on extending the DC> MISRA standard. I would be interested to hear your thoughts (and anybody else's) on how well C# fits this criteria and does not. And where does it meet secure coding practices and where it fails. I'm not after a MS bashing thread (or flame wars) but an honest study and impression. As several threads in the list have pointed out, good security and coding practices are not exclusively dependent on the language used but the programmer writing it. However, some languages do lend themselves to easier implementations than others (e.g. Java's sandbox approach).
From my limited use of it, I think it holds a lot of potential. I've
been able to easily create database readers, edit forms, and even read binary files mixed with 8, 16, & 32-bit integers from 1985. This was possible because of the classes provided in the .NET Framework and the similarity of the language itself to C/C++/Java. But, I'm sure many of you in the group have far more extensive experience than I. So what say you? Oh, and Happy New Year ;) -- Erik W. Anderson, GIS Analyst WWW: http://www.kitsapgov.com/gis/ Kitsap County GIS E-mail: [EMAIL PROTECTED] 614 Division St., MS-21 Voice: (360) 337-4443 Port Orchard, WA 98366-4682 FAX: (360) 337-4555
Current thread:
- RE: How C# does fit the bill? (was: MISRA C) Erik Anderson (Jan 02)
- <Possible follow-ups>
- RE: How C# does fit the bill? (was: MISRA C) Tegels, Kent (Jan 02)