18 Aug
2006
18 Aug
'06
11:05 p.m.
On Fri, 18 Aug 2006, Brad Parker wrote:
I think this whole discussion is at the wrong level.
You need to free
yourself from the "C and pointers" mentality.
Why? Why should I tell myself that there are no pointers if in fact
pointers are in use? If I close my eyes will the processor stop addressing
memory? I don't thinks so.
If the userland application programming language
didn't have pointers
and had dynamic type checking you might find the whole problem just
goes away.
No, it bloody well doesn't. Security has never magically appeared. You
can't give up pointers for lent and discover you've become hackerproof.
pointers are not your friend unless you are
programming in assembler
(and believe me, C is just a nice portable assembler)
jump up a few levels. abstraction is your friend.
Abstraction does not stop someone from using the raw capabilities of the
machine. Only by taking away the ability to write to protected memory can
you achieve security.
(oh, and there is my "useless, off topic, and
confused" posting for the
month. just to stay on quota :-)
Seriously.
Alexey