Encapsulating trust
Daniel Murphy via Digitalmars-d
digitalmars-d at puremagic.com
Tue Sep 2 09:59:10 PDT 2014
"Dmitry Olshansky" wrote in message news:lu4j4v$leu$1 at digitalmars.com...
> Making things ugly doesn't make them safe or easier to verify.
> Somehow people expect the opposite, but just take a look at e.g. OpenSSL
> :)
No, but making unsafe code ugly makes the safe alternatives look more
attractive, and hopefully more likely to be used. It also makes the unsafe
code stand out more, so it is less likely to be overlooked.
> Slapping @trusted across whole functions just blurs the scope of system
> code (where? what was system? or maybe it's that pointer ... it's really
> hard to analyze afterwards).
Nobody is suggesting this.
More information about the Digitalmars-d
mailing list