Date: Tue, 28 Jul 1998 14:49:10 -0400
From: Garance A Drosihn <drosih@rpi.edu>
To: security@FreeBSD.ORG
Subject: Re: Translation to a safer language...
Message-ID: <v04011703b1e3bdfe9e0b@[128.113.24.47]>
In-Reply-To: <Pine.BSF.3.96.980723232315.9874B-100000@adam.adonai.net>
References: <199807220125.TAA21968@lariat.lariat.org>
At 11:30 PM -0500 7/23/98, Lee Crites (ASC) wrote:
>On Tue, 21 Jul 1998, Brett Glass wrote:
>=> candidates; of course, a new language could be developed
>=> with this application in mind. (The advantage of developing
>=> something new is that it could have obvious, but safe, mappings
>=> from C constructs, facilitating machine translation.) Ideas?
>
> A new language doesn't seem like it would be a good idea to me.
> We'd have to work on debugging a new language and a new compiler
> and new libraries at the same time we are working on the
> operating system. It could happen, but I think we'd be better
> off with an existing language.

Perhaps the most practical thing would be a C-offshoot which does not
allow some "dangerous" practices, but the code for it would compile
just as well with any standard-C compiler. This would include changes
to routines in the "standard" libraries for this C-offshoot language.

The biggest challenge of this idea is getting anyone to agree what
those "dangerous" practices would be... As one example, I'd have this
off-C language know about strcpy, and not allow strcpy's when the
source is a variable. I figure it'd take at least two or three years
to argue that out with people who want the "power" of strcpy, and who
won't be happy with even the slightest change...

To deal with performance issues (of strncpy or strncat), I'd probably
want to add another set of routines which still do bounds-checking but
which don't result in as much overhead.

Perhaps what I'm thinking of is merely a "taintC" idea, along the
lines of what perl has.

---
Garance Alistair Drosehn   =   gad@eclipse.its.rpi.edu
Senior Systems Programmer        or  drosih@rpi.edu
Rensselaer Polytechnic Institute

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe security" in the body of the message
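The two mechanisms sketched in the message above, as an added example that is not code from the thread or from FreeBSD: a `strcpy_lit()` macro that any standard C compiler accepts only when the source is a string literal (a variable source is a syntax error, and a literal larger than the destination array fails to compile), plus `bounded_copy()`/`bounded_cat()`, bounds-checked replacements that avoid the overhead of `strncpy` (it NUL-pads the whole destination) and of `strncat` (it has no bound on how far it walks the destination) while reporting truncation to the caller. All function and macro names, and the `greet_*` callers, are assumptions for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Added example (not from the thread). Names are assumptions.
 *
 * strcpy_lit(dst, lit): the "" lit "" trick concatenates adjacent string
 * literals, so passing anything that is not a literal is a compile error
 * under any standard C compiler. The sizeof(char[...]) term is a negative
 * array size, i.e. a second compile error, when the literal does not fit.
 * Caveat: dst must be a real array here; for a pointer sizeof(dst) is the
 * pointer size and the static size check is meaningless. */
#define strcpy_lit(dst, lit) \
    ((void)sizeof(char[(sizeof(dst) >= sizeof("" lit "")) ? 1 : -1]), \
     strcpy((dst), "" lit ""))

/* Copy src into dst[dstsz], always NUL-terminating when dstsz > 0.
 * Returns strlen(src); a result >= dstsz means the copy was truncated.
 * Unlike strncpy it stops at src's NUL and does not pad the rest of dst. */
size_t bounded_copy(char *dst, size_t dstsz, const char *src)
{
    size_t srclen = strlen(src);
    if (dstsz > 0) {
        size_t n = srclen < dstsz - 1 ? srclen : dstsz - 1;
        memcpy(dst, src, n);
        dst[n] = '\0';
    }
    return srclen;
}

/* Append src to the string in dst[dstsz]. Returns the length the result
 * would have had without truncation; >= dstsz means it was truncated.
 * The scan for dst's end is bounded by dstsz, unlike strncat's. */
size_t bounded_cat(char *dst, size_t dstsz, const char *src)
{
    size_t dstlen = 0;
    while (dstlen < dstsz && dst[dstlen] != '\0')
        dstlen++;
    if (dstlen == dstsz)              /* dst not terminated: append nothing */
        return dstsz + strlen(src);
    return dstlen + bounded_copy(dst + dstlen, dstsz - dstlen, src);
}

/* "Before": the pattern the off-C dialect would reject, because the source
 * is a variable whose length the compiler cannot see. Kept only to show the
 * shape; a name longer than 24 bytes overflows out[]. */
void greet_unsafe(char out[32], const char *name)
{
    strcpy(out, "Hello, ");
    strcat(out, name);
}

/* "After": same result with bounds; returns 1 if the greeting was cut. */
int greet_bounded(char *out, size_t outsz, const char *name)
{
    if (bounded_copy(out, outsz, "Hello, ") >= outsz)
        return 1;
    return bounded_cat(out, outsz, name) >= outsz;
}

int main(void)
{
    char buf[12];
    char lit[16];

    strcpy_lit(lit, "literal only");   /* compiles: literal, 13 <= 16 */
    /* strcpy_lit(lit, buf);            would not compile: not a literal */

    printf("%d %s\n", greet_bounded(buf, sizeof buf, "Bob"), buf);
    printf("%d %s\n", greet_bounded(buf, sizeof buf, "Bartholomew"), buf);
    return 0;
}
```

The truncation return value is the point a practitioner would want: the caller learns that a bound was hit instead of silently getting an unterminated buffer (`strncpy`) or a partial string it cannot distinguish from a complete one.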