[Cryptography] GCC bug 30475 (was Re: bounded pointers in C)
Peter Gutmann
pgut001 at cs.auckland.ac.nz
Sun Apr 20 22:05:57 EDT 2014
Arnold Reinhold <agr at me.com> writes:
>In my opinion, the GNU Project and the developers of GCC would be well
>advised to get legal advice on their responsibilities and liabilities in this
>matter.
They have no responsibilities to anyone, and that's the problem. Being
completely disconnected from any responsibility to their users, they have the
liberty to sit there pontificating about hair-splitting interpretations of the
standard rather than Doing the Right Thing by users. This is a serious
problem with many OSS projects which are driven by the whims of the owners
rather than real-world considerations (it's also a benefit in some cases, so
it cuts both ways).
[Long philosophising discussion about requirements-driven development and
customer responsiveness snipped since it's really only tangentially security-
relevant].
Peter.
More information about the cryptography
mailing list