[Info-vax] OS implementation languages
Johnny Billquist
bqt at softjar.se
Mon Sep 11 12:20:48 EDT 2023
On 2023-09-11 16:20, Dave Froble wrote:
> On 9/11/2023 8:50 AM, bill wrote:
>> On 9/11/2023 8:35 AM, Simon Clubley wrote:
>>> On 2023-09-09, Arne Vajhøj <arne at vajhoej.dk> wrote:
>>>>
>>>> A PHP application created by the average PGP programmer
>>>> is likely to have big security problems though.
>>>>
>>>
>>> And you don't see this as a problem with the language ? Because I do.
>>>
>>
>> Isn't it interesting how security problems like null terminated
>> strings and buffer overruns in C are the languages fault and
>> and yet security problems in PHP (and other languages) are the
>> programmers fault.
>>
>> bill
>>
>>
>
> No, because using null terminated strings is the programmer's fault.
That is a weird claim, and I'd say is something the language have a lot
of impact on.
If you are fine with not using string literals in C, you could for sure
implement your own structure to deal with strings, and a whole library
with functions to manipulate them. But being able to express a string in
your sources is probably something most would find too restrictive. As
well as not being able to use almost any existing formatting functions.
Johnny
More information about the Info-vax
mailing list