Anno domini 2022 Tue, 1 Feb 11:44:37 -0500
 Steve Litt scripsit:
> tito via Dng said on Tue, 1 Feb 2022 13:49:30 +0100
> >On Tue, 1 Feb 2022 09:50:31 +0100
> >Didier Kryn <> wrote:
> >
> >> Le 31/01/2022 à 19:16, Steve Litt a écrit :  
> >> >>      Writing a self-daemonizing daemon in C was a routine when I
> >> >> was still active, though I understand it could be more difficult
> >> >> in shell.  
> >> > But more difficult in Python. I try to stay away from C if Python
> >> > does the job. I think Python3 plus its standard libraries are more
> >> > secure than C code written by the error prone Steve Litt.  
> >> 
> >>      Let me generalize: "I think Python3 plus its standard libraries
> >> are more secure than C code written by an error prone human being."
> >> (~:  
> >
> >You made my day ;-) ... and Python is written in which programming
> >language?
> This is my point exactly. The C in Python was written by much more
> careful and security aware programmers than I, checked by thousands.
> This is why you almost never hear of security flaws or bugs in Python3.
> Although made from C, Python3 has no pointers and has infinitly
> expandable arrays and dictionaries, so no pointer exploits, no errant
> pointers, no ininitialized pointers, and no buffer overflows. They pull
> off RAM from the stack and the heap in the right way, and have garbage
> collection, so memory leaks and the like are unlikely to occur by
> accident. I can screw up a Python program in many ways, but assuming I
> cleanse my inputs, few of those ways are a security risk.
> In the hands of anything but a very careful and security-knowledgeable
> programmer, writing Python3 is more secure than writing C. You could
> think of Python3 as C with seatbelts and airbags, and a heck of an
> inefficient transmission.

When it comes to this, I still prefer Scheme/Lisp seatbelts and airbags. But 
that's most likely because I have a grey beard and the first "high level" 
languages where indentation kicked my butt were fortran and cobol. Seeing that 
resurrected in python is like return of the living dead ...


> SteveT
> Steve Litt 
> Spring 2021 featured book: Troubleshooting Techniques of the Successful
> Technologist
> _______________________________________________
> Dng mailing list

Please do not email me anything that you are not comfortable also sharing with 
the NSA, CIA ...
Dng mailing list

Reply via email to