Arguments for using Python
Cameron Laird
claird at lairds.com
Thu Dec 26 08:23:56 EST 2002
In article <3E0A922F.E7E81D50 at engcorp.com>,
Peter Hansen <peter at engcorp.com> wrote:
>Duncan Smith wrote:
>>
>> I've been developing some prototype software for a government
>> organisation. It is almost entirely in Python. But it now (after I've done
>> most of the work) appears that they would prefer it to be written in Java or
>> C. Most of the guys in the organisation use C, but it's not the fact that
>> they don't know Python that is really the problem. They are very 'security
>> conscious' and don't install new software on their network without good
>> reason. [....]
>> But I need to put
>> together a document to convince them that installing Python on their network
>> is 'safe' [...]
>
>Ask them for a copy of their "Security Policy", so you can address its
>requirements directly in your response.
>
>(Hint: they don't have one. Almost certainly. Anyone who is "very
>security conscious" and yet writes lots of important code in C is
>probably lying... or ignorant. Okay, I'm being extreme there, but
>I suspect they are just anti-anything unfamiliar, not really concerned
>about security.)
>
>The benefit of this approach is that if they really *have* a Security
>Policy, then reassuring them why Python is really safe becomes much
>easier...
>
>-Peter
Peter is sooooooooooooo right.
And if it turns out they do have a specific, cogent
security policy, please let us know, so we can help
you address Python's profile. In the absence of
that, though, it would be quixotic to compose a
white paper on Pythonic security. There's plenty
you can write on the subject; in the absence of a
clear goal, it's almost certain you'll come to an
unsatisfying conclusion.
--
Cameron Laird <Cameron at Lairds.com>
Business: http://www.Phaseit.net
Personal: http://phaseit.net/claird/home.html
More information about the Python-list
mailing list