Making D better than other programming languages (warning: rant, drivel)
David Medlock
noone at nowhere.com
Wed Nov 1 12:30:40 PST 2006
renox wrote:
> Dave wrote:
>
>> Nils Hensel wrote:
>>
>>> Walter Bright schrieb:
>>>
>>>> One thing you mentioned as a proven productivity booster is dynamic
>>>> typing. D isn't going to do dynamic typing, but its type inference
>>>> support is getting much better, to the point where one does not need to
>>>> explicitly say nearly so many types.
>>>
>>>
>>>
>>> I agree, this is a great feature. In this aspect D is nearly a
>>> compilable Python. I found myself using D in cases I normally would have
>>> used Python for.
>>>
>>> Way to go! ;-)
>>>
>>> Cheers,
>>> Nils
>>
>>
>>
>> Where I work right now, they do a lot of Perl (the most productive
>> language mentioned in the OP).
>>
>> Because of the built-in strings, AA's, good/easy I/O and regexp lib.,
>> D could be great for a lot of what Perl is used for. And perhaps just
>> as productive for many text processing tasks for the average Perl
>> hacker who doesn't have all of the arcane Perl syntax imprinted in
>> their temporal lobe yet.
>>
>> Anyhow, there are two reasons why D isn't in this shop:
>>
>> 1) No (current) 'port' for HPUX
>> 2) For security and system stability reasons, anything new and
>> relatively unproven is pretty unlikely to make it onto the machines in
>> this shop (pretty prudent actually).
>>
>> With that in mind.. Once v1.0 of D is released, it may actually be a
>> good idea for Walter to call in some chips and get a 'code security
>> audit' done on the compiler and phobos if possible. Some assurance to
>> prospective commercial users that it's safe to install on their
>> 'big-iron' may go a long way towards at least getting organizations to
>> try it, but I really don't know.
>
>
> Uh? Security audit of the *compiler*??
>
> I agree that having secure generated code and secure library is a must
> but of the compiler itself, frankly..
>
> Note that given widespread current usage of C, I find it hard to believe
> that this kind of security requirement is really serious.
>
> Renaud
>
>
>> (It may be impressive to headline something like "The D v1.0 compiler
>> and runtime library have passed a 3rd-party code security audit". [if
>> a statement like that wouldn't void some portion of the 'suitability
>> warranty'.])
Ken Thompson had a paper called 'Reflections on Trusting Trust' which
used a hacked compiler which would:
http://www.acm.org/classics/sep95/
1. Detect when the unix login C code was being compiled and put a
hardcoded backdoor name and password which would give root access.
2. Detect when the unix C compiler was being compiled and insert code to
ensure that this and #1 would remain in the compiled binary.
In this way it would be fairly difficult to be sure of code you compile,
even if you compiled your compiler...
-DavidM
More information about the Digitalmars-d
mailing list