[Cryptography] Ada vs Rust vs safer C
Florian Weimer
fw at deneb.enyo.de
Tue Sep 20 01:27:11 EDT 2016
* Arnold Reinhold:
> So I think an effort to make C more security friendly is warranted. I
> think this is primarily an organizational problem, not a technical
> one. As is obvious from this thread there have been many past attempt
> to solve C’s insecurity, with very limited success. C11 at least has
> memset_s.
It's an option feature in C11 and a bit of a joke because it is
required to call a callback in case of constraint violations. The
callback is controlled by a global variable (it's not even
thread-local) and does not necessarily terminate the process.
More information about the cryptography
mailing list