Stories
Slash Boxes
Comments
NOTE: use Perl; is on undef hiatus. You can read content, but you can't post it. More info will be forthcoming forthcomingly.

All the Perl that's Practical to Extract and Report

use Perl Log In

Log In

[ Create a new account ]

chromatic (983)

chromatic
  (email not shown publicly)
http://wgz.org/chromatic/

Blog Information [technorati.com] Profile for chr0matic [technorati.com]

Journal of chromatic (983)

Thursday June 26, 2008
08:40 PM

Maybe IFF Everyone Always Gets it Completely Right

[ #36792 ]

[The recent Ruby security vulnerabilities], and others like it in Python/Perl/etc are interesting for a lot of reasons but mostly because too many people point to using these languages as a safe alternative to C/C++...

Daniel Peck, Vulnerabilities in Interpereted Languages

Right, because there's no difference in requiring everyone to get their pointers and allocations and deallocations and initializations right as you do in C and C++ and requiring only the people writing the compiler or interpreter and possibly any extensions to get these right, as you do in Ruby, Perl, PHP, and Python. A well-designed language extension system will even allow you to reuse the language's memory allocation/deallocation system, further minimzing your risk.

Apparently this part of security is not one where minimizing your exposure is valuable.

(Then again, you may want to reconsider taking security advice from someone whose command of technical details misses the fact that, of the languages listed, only Ruby is "interpereted" [sic] -- and interpret/compile is generally an implementation detail, not a language requirement.)

The Fine Print: The following comments are owned by whoever posted them. We are not responsible for them in any way.
 Full
 Abbreviated
 Hidden
More | Login | Reply
Loading... please wait.