Comment by alkonaut

8 years ago

No, the language is bad if using it wrong can leak sensitive data.

The choice of language is wrong if you pick such a language in a situation where mistakes can lead to safety or security problems.

The first requirement is security.

But - I can't think of a single language in which using it "wrong" might not lead to info leaks? Any language with a runtime has to manage memory somehow at the runtime layer and so similar leaks can occur there depending upon design and implementation, and the wider OS context.

At the whole program/application level, when you create your own data structures, you can find lots of ways to leak them to the world.

  • No one calls C#, JavaScript and Python memory unsafe because their runtimes are implemented in C. Nor do I expect CF to not use Linux or Nginx because they are written in C. We have to live with C but I expect everyone who does anything safety or security critical to do everything they can to minimize the amount of code that is susceptible to this class of bug.

    Using a runtime with a safe language on top is a perfectly good example of doing that.

    Logic errors causing leaks will always be a threat, but we shouldn't be leaking because of pointer arithmetic problems in custom C code. Not 2017.

    • Regarding C#, the plan is to increasingly move C++ code to C#, now that they have Roslyn and .NET Native.

You can leak sensitive data with any language. C is not used for web development on the client side, yet people abuse security holes in web apps all the time.

  • That's not an argument for using C. There are many classes of bugs and using a safe language only protects against one class.

    What I'm saying is there is no excuse not to take that protection.