[cap-talk] Midori in The Register
Ben Laurie
benl at google.com
Wed Aug 6 09:40:55 CDT 2008
On Wed, Aug 6, 2008 at 2:28 PM, Jonathan S. Shapiro <shap at eros-os.com> wrote:
> On Wed, 2008-08-06 at 13:46 +0100, Ben Laurie wrote:
>> On Wed, Aug 6, 2008 at 2:28 AM, Jonathan S. Shapiro <shap at eros-os.com> wrote:
>> > That is: managed code cannot guarantee security, but type-unsafe code
>> > (which is not quite the same as unmanaged code) does guarantee the
>> > absence of security.
>>
>> I don't believe that's true. It may make it harder, but I don't see
>> why I could not get effective "type-safety" in a non-type-safe
>> language. For example, the work I've been doing in OpenSSL provides
>> type checking. It can be circumvented, but if the coder does not go
>> out of his way to do so, the code is effectively type-safe.
>
> Then this code is not type-unsafe, is it?
Well, since you took me to task for calling it type-safe, I must
conclude that it is.
More information about the cap-talk
mailing list