[55432] in North American Network Operators' Group
Re: Bell Labs or Microsoft security?
daemon@ATHENA.MIT.EDU (Richard A Steenbergen)
Wed Jan 29 08:21:06 2003
Date: Wed, 29 Jan 2003 08:18:45 -0500
From: Richard A Steenbergen <ras@e-gerbil.net>
To: Sean Donelan <sean@donelan.com>
Cc: nanog@merit.edu
In-Reply-To: <Pine.GSO.4.44.0301290256580.26281-100000@clifden.donelan.com>
Errors-To: owner-nanog-outgoing@merit.edu
On Wed, Jan 29, 2003 at 03:32:41AM -0500, Sean Donelan wrote:
>
> FORTRAN/COBOL array bounds checking. Bell Labs answer: C. Who wants
> the computer to check array lengths or pointers. Programmers know what
> they are doing, and don't need to be "constrained" by the programming
> language. Everyone knows programmers are better at arithmatic than
> computers. A programmer would never make an off-by-one error. The
> standard C run-time library. gets(char *buffer), strcpy(char *dest, char
> *src), what were they thinking?
Possibly that bounds checking is an incredible cpu suck, there are a great
many powerful things you can do in C based on the fact that there is no
bounds checking (pointers ARE your friend god damnit :P), and in a world
before buffer overflow exploits it probably didn't matter if Joe Idiot's
program crashed because he goofed? (hindsight is 20/20)
--
Richard A Steenbergen <ras@e-gerbil.net> http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)
