Suffice it to say that I think language design is the absolute wrong place to address computer security that way.
Language design problems have enough on their plate and there are more direct ways to address security problems. So, I don't care so much about "attackers" of the sort about which you quote a comment.

-t

On Mon, 2009-03-23 at 19:37 -0400, John Cowan wrote:
> Thomas Lord scripsit:
>
> > The freedom of an implementation to go either
> > way on that point is a good reflection of the
> > fact that neither way is obviously better than
> > the other *and* it is easy for programs to not
> > rely on one way or the other.
> >
> > Changing the language to force one choice is
> > just arbitrary. It adds an implementation burden.
> > It punts on the question of which choice is better.
>
> I'll just quote here from an email on the ECMAscript 3.1 mailing list
> <https://mail.mozilla.org/pipermail/es3.x-discuss/2009-March/001183.html>
> not necessarily because I agree with it, but so that the opposing
> point of view is recognized:
>
> > Conventional developers seek only functionality, and stay away from
> > edge conditions. Attackers seek opportunities in edge conditions. So
> > defenders must reason about the limits on the damage that might be
> > caused by these edge conditions.
> >
> > Put another way, conventional developers must code to the intersection
> > semantics of the platforms in question, since a correct program must
> > work across all these platforms. Attackers can seek opportunities in
> > the union semantics, since an attack that works on any platform is
> > still a successful attack. More deterministic specs narrow the gap
> > between these two.
