On Sat, Dec 22, 2007 at 09:25:14AM -0500, Douglas A. Tutty wrote:
> > 1. If security is a major concern, or perhaps The Main Concern, why not use
> > Ada? I specifically mention Ada since one of the most security demanding
> > industries are building aircraft and they use Ada.
> 
> I've been wondering the same thing ever since I started learning about
> Ada.  So many of the problems found during OpenBSD code audits would
> have been found at compile time if written in Ada since the Ada compiler
> itself looks for them.  As you know, it also keeps track of things
> during run-time.
> 
> > 2. Rather than auditing a lot of code, correcting a lot of coding mistakes,
> > like the OpenBSD security team has done, and still do, why not shift from C
> > to something, just as fast and powerful as C, but more secure? Again like
> > Ada. (to completely avoid the possibilities of those errors).
> 
> Considering that Ada was written in a language design-competition (and
> not written by a committee as is the common myth) to replace all the
> hundreds of languages used in the US military, it has to be able to do
> everything from low-level system programming to high-level computational
> computer modeling.  The amazing thing is that it does it all so well on
> the full range of hardware from an anti-tank missile to a Cray.
> 
> It also is trivial to write for multiple-threads or multiple processors.
> Set up the program correctly and it will use whatever mult-* is
> available at run-time with no change in compilation; if no threading or
> only a single processor is available it will run just fine too.
> 
> I haven't been able to find any OS that is written in Ada.  There are
> probably lots of proprietary ones.

Ada is cool. Ada can be used for a lot of things, and it does them well.

Ada is more complex, and that carries its own problems.

C is really a very simple language. There are a handful of things about
C that cause endless problems for people who have not learned the
details of how C really works (this includes some people who have been
writing C for a long time). But for those that know C well, it's very
easy to write correct and readable code. C is also easily ported, which
is why you often see other language compilers/interpreters written in C.

If OpenBSD adopted Ada, there would still be the need for code audits.
There is no magic bullet to solve all security problems. Security (and
code quality) takes work, and a sensible development process. If you
have a good process, the language matters less. If you have a bad
process, then the language will not make things much better.

C is used all over the world by a huge number of people. It's far easier
to find coders who know how to write clean C than it is to find
competent Ada coders.

Others can say better why C is a better choice for systems-level
programming, but the above points are still worth mentioning on their
own. If other languages have addressed some failings of C, they have not
done so in a compelling enough way to make it worthwhile to abandon the
advantages of using C.

-- 
Darrin Chandler            |  Phoenix BSD User Group  |  MetaBUG
[EMAIL PROTECTED]   |  http://phxbug.org/      |  http://metabug.org/
http://www.stilyagin.com/  |  Daemons in the Desert   |  Global BUG Federation
