On 2025-09-29 09:01:26 +0530 (+0530), Amit wrote: [...]
> The function body should also be secure.
This generalizes to a tautology: The software is secure if the software is secure. It's true, of course, as are all tautologies, while also being a useless assertion.
> After writing code, you should review your code for security issues and also get it peer reviewed for security issues. In general, you should always get your code peer reviewed for security issues, bugs, company coding guidelines, etc.
[...]

While excellent advice, this does not guarantee security (all of the vulnerability reports I oversee are for software where every change has been reviewed and approved by multiple competent developers before merging, but humans are not perfect either).
Not to insult your work or ideas, but sadly this has the hallmarks of what the scientific and mathematical communities would refer to as "crank" or "crackpot" theory so I don't think anyone on this mailing list continuing to engage with you is likely to solve your misunderstandings. In time, hopefully, you'll gain a greater perspective on software security and come to realize why this is not as simple as you keep asserting.
-- Jeremy Stanley
