nanog mailing list archives

Re: Bell Labs or Microsoft security?

From: Richard A Steenbergen <ras () e-gerbil net>
Date: Wed, 29 Jan 2003 08:18:45 -0500


On Wed, Jan 29, 2003 at 03:32:41AM -0500, Sean Donelan wrote:


FORTRAN/COBOL array bounds checking.  Bell Labs answer: C. Who wants
the computer to check array lengths or pointers.  Programmers know what
they are doing, and don't need to be "constrained" by the programming
language. Everyone knows programmers are better at arithmatic than
computers.  A programmer would never make an off-by-one error. The
standard C run-time library.  gets(char *buffer), strcpy(char *dest, char
*src), what were they thinking?


Possibly that bounds checking is an incredible cpu suck, there are a great
many powerful things you can do in C based on the fact that there is no
bounds checking (pointers ARE your friend god damnit :P), and in a world
before buffer overflow exploits it probably didn't matter if Joe Idiot's
program crashed because he goofed? (hindsight is 20/20)

-- 
Richard A Steenbergen <ras () e-gerbil net>       http://www.e-gerbil.net/ras
GPG Key ID: 0xF8B12CBC (7535 7F59 8204 ED1F CC1C 53AF 4C41 5ECA F8B1 2CBC)

Current thread:

Re: What could have been done differently?, (continued)
- - - Re: What could have been done differently? Iljitsch van Beijnum (Jan 29)
    - Re: What could have been done differently? just me (Jan 29)
    - Re: What could have been done differently? Scott Francis (Jan 29)
    - Re: What could have been done differently? just me (Jan 29)
    - Re: What could have been done differently? Scott Francis (Jan 29)
    - Message not available
    - Re: What could have been done differently? Scott Francis (Jan 30)
- Re: What could have been done differently? Steven M. Bellovin (Jan 28)
  - Re: What could have been done differently? Scott Francis (Jan 28)
  - Re: What could have been done differently? Brian Wallingford (Jan 28)
  - Bell Labs or Microsoft security? Sean Donelan (Jan 29)
    - Re: Bell Labs or Microsoft security? Richard A Steenbergen (Jan 29)
    - Re: Bell Labs or Microsoft security? Marshall Eubanks (Jan 29)
    - Re: Bell Labs or Microsoft security? Richard A Steenbergen (Jan 29)
    - Re: Bell Labs or Microsoft security? Florian Weimer (Jan 29)
    - Re: Bell Labs or Microsoft security? Alif The Terrible (Jan 29)
    - Re: Bell Labs or Microsoft security? Mathew Lodge (Jan 29)
    - Re: Bell Labs or Microsoft security? E.B. Dreger (Jan 29)
    - Message not available
    - Re: Bell Labs or Microsoft security? Mathew Lodge (Jan 29)
    - Re: Bell Labs or Microsoft security? E.B. Dreger (Jan 29)
    - Re: Bell Labs or Microsoft security? E.B. Dreger (Jan 29)
    - Re: Bell Labs or Microsoft security? Richard A Steenbergen (Jan 29)

(Thread continues...)