Secure Coding mailing list archives

Re: Anyone looked at security features of D programming language compared to Spark?


From: Crispin Cowan <crispin () immunix com>
Date: Mon, 26 Apr 2004 21:38:57 +0100


Blue Boar wrote:


> Crispin Cowan wrote:
>
> > Dynamic type checking (or any kind of run-time fail-stop checking)
> > enhances security (attacks are halted) but degrades reliability
> > (processes that might live with a harmlessly inconsistent state may
> > be halted).


> Degrades reliability of a "correct" program?  Or only degrades
> reliability of a program with bugs, harmless or not?


The latter. Run-time fault checks will never go off if the program does 
not have faults.


> If it's the latter, I would assume QA would want to see the latter,
> so the bug could be squashed.  I'm assuming, of course, that one wants
> to also squash "harmless" bugs.


QA will want to squash the bugs it sees. Run-time fault checking helps 
find *some* of those bugs, if QA checks the code paths that expose those 
bugs. Static type checking, OTOH, finds latent bugs that no one thought 
to check for, at the cost of not finding some bugs that are statically 
undecidable. Using both is of course the safest.


Crispin

--
Crispin Cowan, Ph.D.  http://immunix.com/~crispin/
CTO, Immunix          http://immunix.com
Immunix 7.3           http://www.immunix.com/shop/
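As an added illustration (a constructed example, not code from the thread or from either poster), the trade-off debated above modelled on a length-prefixed record: a run-time fail-stop check halts the hostile record, but also halts a record whose header is harmlessly off by one, while the tolerant path lives with the harmless one and lets the hostile header through. The record format, BUFFER_SIZE and the sample inputs are all assumptions.

```python
# Constructed model of fail-stop vs. tolerant handling (not from the thread).
# Record format "<declared_len>:<payload>"; a C-style consumer would copy
# declared_len bytes into a fixed buffer, trusting the header.
from dataclasses import dataclass

BUFFER_SIZE = 16  # assumed fixed-size destination buffer


class FailStop(Exception):
    """A run-time consistency check tripped; processing stops here."""


@dataclass(frozen=True)
class Outcome:
    halted: bool    # a fail-stop check ended processing
    overran: bool   # the tolerant path would have written past the buffer
    copied: int     # bytes the consumer placed into the destination


def parse(raw: bytes) -> tuple[int, bytes]:
    """Split a record into declared length and payload; both are untrusted."""
    head, sep, payload = raw.partition(b":")
    if not sep or not head.isdigit():
        raise FailStop("malformed header")
    return int(head), payload


def consume(raw: bytes, fail_stop: bool) -> Outcome:
    """Process one record, either with a dynamic fail-stop check or tolerantly."""
    try:
        declared, payload = parse(raw)
    except FailStop:
        return Outcome(halted=True, overran=False, copied=0)
    if fail_stop and declared != len(payload):
        # Any header/payload mismatch is a fault: the attack is stopped,
        # but so is a record whose mismatch the tolerant path lives with.
        return Outcome(halted=True, overran=False, copied=0)
    # Tolerant path trusts the header, as an unchecked memcpy(dst, src, declared) would.
    return Outcome(halted=False, overran=declared > BUFFER_SIZE,
                   copied=min(declared, BUFFER_SIZE))


# Constructed inputs: a harmless off-by-one header, and one claiming 4096 bytes.
HARMLESS = b"4:hello"
HOSTILE = b"4096:AAAA"


def halted_inputs(corpus: list[bytes], fail_stop: bool) -> list[bytes]:
    """What QA observes: only records actually run through the checks can trip them."""
    return [r for r in corpus if consume(r, fail_stop).halted]
```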
