User: Password:
|
|
Subscribe / Log in / New account

New GNU Hurd, Mach, and MIG releases

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 23:44 UTC (Tue) by wahern (subscriber, #37304)
In reply to: New GNU Hurd, Mach, and MIG releases by HelloWorld
Parent article: New GNU Hurd, Mach, and MIG releases

How do you go from describing the origin of bugs in Java-the-language-implementation to arguing that Java programs have fewer bugs than C programs?

PHP is "safer" than C in the same regards. Would you also argue that PHP programs tend to be safer and have fewer bugs than C programs?

I'm not at all sure that Java programs tend to be safer than C programs in 2013. Buffer overflows and stack smashing are pre-eminent in the C world precisely because many other classes of exploitable bugs are less prevalent, for many different reasons--engineer experience, typical usages, etc. C also tends to get more CVE reports precisely because historically has predominated in large, widely used programs that are under the microscope.

I'm not saying that Java programs are less secure. Maybe they're more secure. But the type of memory corruption possible with C is but one factor, and the potential for the same kind of corruption exists in all languages when executed on commodity hardware. And advances in mitigation techniques has narrowed the gap substantially in terms of the susceptibility to exploitable memory corruption.


(Log in to post comments)

New GNU Hurd, Mach, and MIG releases

Posted Oct 1, 2013 23:45 UTC (Tue) by wahern (subscriber, #37304) [Link]

I meant, "that Java programs have fewer security bugs (i.e. are 'safer') than C programs".

New GNU Hurd, Mach, and MIG releases

Posted Oct 2, 2013 1:00 UTC (Wed) by Cyberax (✭ supporter ✭, #52523) [Link]

PHP programs are in general far more secure than C-based ones. However, PHP itself is horrible for web development.


Copyright © 2017, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds