Thomas Lord scripsit: > The freedom of an implementation to go either > way on that point is a good reflection of the > fact that neither way is obviously better than > the other *and* it is easy for programs to not > rely on one way or the other. > > Changing the language to force one choice is > just arbitrary. It adds an implementation burden. > It punts on the question of which choice is better.
I'll just quote here from an email on the ECMAscript 3.1 mailing list <https://mail.mozilla.org/pipermail/es3.x-discuss/2009-March/001183.html> not necessarily because I agree with it, but so that the opposing point of view is recognized: > Conventional developers seek only functionality, and stay away from > edge conditions. Attackers seek opportunities in edge conditions. So > defenders must reason about the limits on the damage that might be > caused by these edge conditions. > > Put another way, conventional developers must code to the intersection > semantics of the platforms in question, since a correct program must > work across all these platforms. Attackers can seek opportunities in > the union semantics, since an attack that works on any platform is > still a successful attack. More deterministic specs narrow the gap > between these two. -- A rose by any other name John Cowan may smell as sweet, http://www.ccil.org/~cowan but if you called it an onion [email protected] you'd get cooks very confused. --RMS _______________________________________________ r6rs-discuss mailing list [email protected] http://lists.r6rs.org/cgi-bin/mailman/listinfo/r6rs-discuss
