Subject: Re: VMS
From: invalid (at) *nospam* invalid.invalid (Richard Kettlewell)
Newsgroups: comp.os.linux.misc
Date: 20. Jun 2025, 09:00:18
Organization: terraraq NNTP server
Message-ID: <wwv5xgqkfl9.fsf@LkoBDZeT.terraraq.uk>
References: 1 2 3 4 5 6 7 8 9
User-Agent: Gnus/5.13 (Gnus v5.13) Emacs/28.2 (gnu/linux)
c186282 <c186282@nnada.net> writes:
> On 6/19/25 3:40 AM, Richard Kettlewell wrote:
>> c186282 <c186282@nnada.net> writes:
>>> IMHO, stick to 'C' ... but use GOOD PRACTICES.
>>
>> The software industry has been trying this for decades now. It does
>> not work.
>
> At some point, soon, they need to start flagging the unsafe functions
> as ERRORS, not just WARNINGS.

The problem is not just a subset of unsafe functions. The whole language
is riddled with unsafe semantics.
There is some movement towards fixing the easy issues, e.g. [1]. But the
wider issues are a lot harder to truly fix, so much so that one of the
more promising options is an architecture extension[2]; and there
remains considerable resistance[3] in the standards body to fixing other
issues, despite their recurring role in defects and vulnerabilities.

[1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3322.pdf
[2] https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/
[3] https://www.youtube.com/watch?v=DRgoEKrTxXY

Most languages after C designed these issues out, one way or another.
The clever bit is figuring out how to combine performance and safety,
and that’s what language designers have been working out, increasingly
successfully.
-- https://www.greenend.org.uk/rjk/