[OffTopic] A vulnerability postmortem on Network Security Services

rikki cattermole rikki at cattermole.co.nz
Sun Dec 5 18:24:22 UTC 2021


On 06/12/2021 7:09 AM, Greg Strong wrote:
> On Saturday, 4 December 2021 at 03:23:07 UTC, rikki cattermole wrote:
>> Quite literally one small change, no function body? @system and we 
>> would have supported the DIP.
>>
>> Nobody has stepped up to make an amended DIP however.
> 
> I do not entirely understand this reply.  It seems that you are saying 
> that this would have happened - with support from Walter - had a little 
> more paperwork been done.  Can you confirm?

The problem was Walter didn't listen to the community. We said pretty 
much from day one, if you can't prove that a function is @safe, it 
simply cannot default to it. As that breaks the guarantee (there is some 
conflating of ABI with safety-ness although if a function is extern(C) 
it shouldn't effect it).

It went through the DIP process without this change.

The accepted thread: 
https://forum.dlang.org/thread/rwjxbgsauknjjrvousti@forum.dlang.org
Thread where he announced it was dead: 
https://forum.dlang.org/thread/raq4fg$1ab4$1@digitalmars.com

> I don't really know how to submit a DIP but I will figure it out if that 
> is really all that is needed.  But I'm skeptical ... I've read these 
> forms long enough to know that people generally don't put in the effort 
> to work through the red tape because, frequently, that is done and the 
> proposal winds up being killed anyway.
> 
> I'm willing to help out, provided either (A) the proposal cannot be 
> unilaterally killed by Walter, or (B) he personally confirms that he is 
> on board.

This is in a pretty awkward position. Community is ok if it has this one 
change, but we don't know what Walter's position is on an amended DIP 
would be. There are some sour feelings here I think still.


More information about the Digitalmars-d mailing list