Who needs exceptions (was Re: Two languages, too similar, competing in the same space.)
Michael Ströder
michael at stroeder.com
Wed Jan 2 11:58:28 EST 2002
Andreas Kostyrka wrote:
>
> IMHO, there is a huge difference between buffer overflows and exec/eval:
> -) exec/Eval just behave like documented, and like some "functions" might
> pose security risks if passed untrusted data.
Exactly. You have to check the input no matter which programming
language.
> -) buffer overflows (basically fooling around with pointers) OTOH makes
> the code do completly unexpected things.
And that's just because there is no such simple thing like string
handling in C.
> (There are always C language modules ;) )
;-)
> For some interesting thoughts about runtime safety, one should consider
> Modula3, which does have the safe/unsafe concept explicitly in the language.
(Sigh!)
Ciao, Michael.
More information about the Python-list
mailing list