Simplification of @trusted

Ola Fosheim Grøstad ola.fosheim.grostad at gmail.com
Thu Jun 17 13:11:51 UTC 2021


On Thursday, 17 June 2021 at 13:00:22 UTC, Paulo Pinto wrote:
> Which is why some deployment platforms where security is the 
> top selling point for their customers, like 
> https://www.unisys.com/offerings/clearpath-forward/clearpath-forward-products, 
> require admin access to enable a tainted binary (e.g. unsafe 
> code) to be made executable.
>
> Developers' point of view doesn't matter for security 
> assessments.

That makes a lot of sense for a commercial venture. You cannot 
actually modify the code after auditing unsafe code. That would 
have to trigger a new audit (hopefully automated).

There is some hope that in the future simpler functions can be 
fully specced formally and that implementations then can be 
automatically proven correct (with the right asserts).

That could be a big change for open source when (or if) that 
happens. People could compete on performance on a 
function-by-function basis and users (or even compilers) could 
pick and choose knowing that they get the same output for the 
same input for all available implementations.




