Re: Script codes

From: David Jefferson <d_jefferson_at_yahoo_dot_com>
Date: Thu Jan 05 2006 - 22:09:41 CST

My problem with your interpretation is that it is essentially
impossible to truly verify that "proper precautions" have been taken
in the code if the precautions are not built into the structure of
the language.

David

On Jan 5, 2006, at 8:42 PM, Scott Brown wrote:

> The quoted section doesn't unconditionally prohibit anything. It
> simply prohibits certain types of development environments unless
> proper precuations are taken. I'm sure we could all agree that
> this would apply to any 3rd-generation programming language whose
> high-level features (such as dynamic memory allocation, reflection,
> weak typing, etc.) -- which provide such great flexibility in
> modern business environments -- must also be handled properly for
> high-security environments.
>
> I don't at all read it as saying unconditionally such languages
> cannot be used. Rather, such languages cannot be used unless such
> exploits have been explicitly prevented at the application level.
> Makes sense; and, indeed, applies to most -- if not all -- modern
> programming languages.
>
> -- Scott

_______________________________________________
OVC-discuss mailing list
OVC-discuss@listman.sonic.net
http://lists.sonic.net/mailman/listinfo/ovc-discuss

==================================================================
= The content of this message, with the exception of any external
= quotations under fair use, are released to the Public Domain
==================================================================
Received on Mon Jan 8 20:24:36 2007

This archive was generated by hypermail 2.1.8 : Mon Jan 08 2007 - 20:24:39 CST