Security Risk?

[Manfred Nowak]

Sean Kelly wrote

> D is a systems language.  Using pointers and such, any method is
> free to randomly overwrite application memory if it really wants
> to. 

That is not what I mean. Overwriting of memory used by the application 
would cause loss of data, unless the data is compressible. And loss of 
data would cause malfunctioning.

But with D one does not need to overwrite memory. D seems to be able to 
attach data to a class instance without letting you know about that. 
So: no malfunctioning until it is triggered somehow.

Even if the data of the application is incompressible, one seems unable 
to detect the attached data, because even if one requires to have that 
incompressible data returned unchanged and it comes back unchanged, 
even then there might be data attached.

If my fears turn out to be true, then D has an integrated capability 
for supporting trojans.

-manfred