ELF object files: executable stack and security risk?
Walter Bright
newshound2 at digitalmars.com
Tue Jul 26 21:18:26 PDT 2011
On 7/26/2011 9:12 PM, Walter Bright wrote:
> D relies more on memory safety guarantees of the language rather than
> after-the-fact damage control. A well written D program will have very little
> unsafe code in it, whereas it's pretty much impossible to do that in C or C++,
> as they rely so heavily on pointer arithmetic.
I should clarify that. If you write C style code in D, yes, your code is not
verifiably safe and hence your programs could be susceptible to malicious
attacks based on buffer overflow exploits.
But, if you write in D style, using arrays, ranges, and other safe data
structures, the risk of your program being vulnerable to such exploits is
reduced enormously.
More information about the Digitalmars-d
mailing list