Magnus Therning schrieb:
There is of course the possibility that Haskell would bring a whole slew
of yet-to-be-determined security issues. I doubt it will be worse than
C though.
Haskell might be prone to denial-of-service attacks. E.g. sending it
data that cause it to evaluate an infinite data structure.
Of course, any algorithm might run into an endless loop :-)
Still, I'd want to have the results of a strictness analysis attached to
Haskell software.
That said, Haskell should be a *lot* more safe than C.
Denial-of-service is something that one should take active precautions
against, but it's still a far cry from the code injection
vulnerabilities that come with most C software...
Then again, avoiding global state and using a language with garbage
collection, a strong type discipline and checked pointer dereferencing
(say: Java, Ruby, Python, whatever) would probably go a far way towards
safer software, even if it's not an FPL.
Regards,
Jo
_______________________________________________
Haskell-Cafe mailing list
Haskell-Cafe@haskell.org
http://www.haskell.org/mailman/listinfo/haskell-cafe
