Secure Coding mailing list archives
Re: Interesting article on the adoption of Software Security
From: Crispin Cowan <crispin () immunix com>
Date: Fri, 11 Jun 2004 18:57:29 +0100
ljknews wrote: At 2:00 PM -0700 6/10/04, Dana Epp wrote: Ok, lets turn the tables a bit here. We talked about this a bit back last December when I said that you need to use the right tool for the right job, and to quit beating on C. For those of us who write kernel mode / ring0 code, what language are you suggesting we write in? Name a good typesafe language that you have PRACTICALLY seen to write kernel mode code in. Especially on Windows and the Linux platform. I am not trying to fuel the argument over which language is better, it comes down to the right tool for the right job. I know back in December ljknews suggested PL/I and Ada, but who has actually seen production code in either Windows or Linux using it? Restricting your domain of inquiry to C-centric operating systems is not exactly a reasonable set of ground rules. This is, after all, not a mailing list restricted to Windows and Linux. I strongly disagree. While it is not reasonable to limit this *list* to C-oriented operating systems, it is a perfectly reasonable question for a developer for Windows and Linux kernel enhancements to ask what programming language or programming techniques they should use to improve the security of their development efforts. Windows and Linux collectively representing some huge plurality of all deployed computer systems, it is a very practical question. Even this _topic_ is not restricted to Windows and Linux. As an advocate of strongly typed languages, I do not use either That's nice, but it does not help the person who has to enhance legacy C code, which is a very real problem. Crispin -- Crispin Cowan, Ph.D. http://immunix.com/~crispin/ CTO, Immunix http://immunix.com
Current thread:
- Interesting article on the adoption of Software Security Kenneth R. van Wyk (Jun 08)
- Re: Interesting article on the adoption of Software Security Jeff Williams (Jun 08)
- Re: Interesting article on the adoption of Software Security Florian Weimer (Jun 09)
- Re: Interesting article on the adoption of Software Security Damir Rajnovic (Jun 10)
- Re: Interesting article on the adoption of Software Security Crispin Cowan (Jun 10)
- Re: Interesting article on the adoption of Software Security Dana Epp (Jun 11)
- Re: Interesting article on the adoption of Software Security ljknews (Jun 11)
- RE: Interesting article on the adoption of Software Security Michael S Hines (Jun 11)
- Re: Interesting article on the adoption of Software Security Crispin Cowan (Jun 11)
- RE: Interesting article on the adoption of Software Security ljknews (Jun 11)
- Re: Interesting article on the adoption of Software Security Crispin Cowan (Jun 11)
- Re: Interesting article on the adoption of Software Security Damir Rajnovic (Jun 10)
- Re: Interesting article on the adoption of Software Security der Mouse (Jun 11)
- <Possible follow-ups>
- RE: Interesting article on the adoption of Software Security John Steven (Jun 09)
- RE: Interesting article on the adoption of Software Security Wall, Kevin (Jun 12)