Python secure?

Reid Nichol rnichol_rrc at yahoo.com
Tue Aug 17 04:50:16 CEST 2004


Peter Hansen wrote:
  > "unsecure language": a programming language which, by virtue
> of its structure, primitive libraries, awkward syntax, non-
> existent runtime, or other limitations tends to encourage
> and lead to the creation of software with gross security
> holes".  Viz. "C"
 >
 > A given programmer will be more likely to create safe and
 > secure software using Python than with C, thereby making
 > C the less secure...
 >
 > -Peter

Quite frankly I find C a perfectly viable language to write secure code. 
  It's only failing is that people don't understand how to use it before 
they type (which isn't exactly a failing of the language itself, but of 
the person using it).  A perfect example of this is pointers.  If people 
wouldn't rush, if they took there time to learn what's actually going 
on, they wouldn't make those mistakes.

I have avoided many a bug just by thinking about it for just a few 
minutes more, than typing the first thing (or second or third) that 
popped in my head.  It has made me slower than other programmers in the 
beginning of projects, but in the end I am as or more efficient than the 
others.

One cannot judge a language by it's ability to allow sloppyness.  In 
fact the structure of my code (ie indentation) didn't change one bit 
from C to when I learned Python.  Quite frankly, I've seen some crap 
Python code.  It's the programmer NOT the language.

I hope others see your clear bias towards Python as I have (One need 
only to look at your descriptions to see it.).  Remember, there is no 
one language that everything is good for.  Python, C, C++, Lisp, etc all 
have things that it is best to program in them.  It all depends on the 
projects requirements.



More information about the Python-list mailing list