[Cryptography] Use Linux for its security
Henry Baker
hbaker1 at pipeline.com
Sat Oct 1 09:14:09 EDT 2016
At 02:26 AM 10/1/2016, Florian Weimer wrote:
>* Henry Baker:
>
>> I've had a long-standing complaint with Common Lisp -- even though it is
>> technically a buffer-overflow-free zone --
>
>Actually, it's not. Common Lisp does not mandate bounds checking for
>AREF or SVREF. One can hope that most implementations perform it by
>default, but for those implementation with optimizing compilers, it
>can be easily switched off. The language rules even say that if a
>supposedly-safe function is called from a function compiled without
>safety checks, the safety checks in the called functions do have to be
>performed (so safety is not modular).
Well, as Dante might have said, "Abandon hope, all ye who disable
bounds checks".
Or as Dorothy Parker did say, "You can lead a whore to culture, but
you can't make her think!"
Or as I would say, "why bother working in a safe language if you
turn off the safety?"
More information about the cryptography
mailing list