[OffTopic] A vulnerability postmortem on Network Security Services

SealabJaster sealabjaster at gmail.com
Sun Dec 5 19:57:18 UTC 2021

On Sunday, 5 December 2021 at 18:09:56 UTC, Greg Strong wrote:
> I'm willing to help out, provided either (A) the proposal 
> cannot be unilaterally killed by Walter, or (B) he personally 
> confirms that he is on board.

B is the most realistic option, people are rarely willing to give 
up ultimate power for both good and bad intentions.

No matter how I think about, extern(C) being @safe by default 
makes no sense. Even if it was written in a different language, 
you have no information about *which* language and what safety 
guarantees it (doesn't) provide. I just wish it wasn't the main 
point of contention for @safe by default :(

Honestly I'd go as far as saying no C code should be marked as 
even @trusted by a human (even wrapper funcs). But that 
unfortunately turns into a "D with C" (@safe + @"trusted") vs "D 
with no C"(@safe only) kind of argument.

And there's no where near enough libraries in D to make up for 
not being able to interface with C.

While it's really unfortunate we haven't yet gotten @safe by 
default, I'm still weary about it when code is still interfacing 
with possible non- at safe languages via extern(C).

More information about the Digitalmars-d mailing list