Path: news.eternal-september.org!eternal-september.org!.POSTED!not-for-mail
From: The Natural Philosopher <tnp@invalid.invalid>
Newsgroups: comp.os.linux.misc
Subject: Re: VMS
Date: Sat, 21 Jun 2025 01:07:06 +0100
Organization: A little, after lunch
Lines: 62
Message-ID: <1034t3a$aubo$2@dont-email.me>
References: <wCqdnYde9MIbmND1nZ2dnZfqnPadnZ2d@giganews.com>
 <87tt4i9nw5.fsf@eder.anydns.info> <102l0h9$fjtb$5@dont-email.me>
 <Z2udned3u9ZgqtP1nZ2dnZfqnPudnZ2d@giganews.com>
 <slrn1054j9c.3ce8.candycanearter07@candydeb.host.invalid>
 <PpudnVnCnvuYxc_1nZ2dnZfqnPudnZ2d@giganews.com>
 <wwva564xjps.fsf@LkoBDZeT.terraraq.uk>
 <4_GdncCsf-Nqe8n1nZ2dnZfqnPSdnZ2d@giganews.com>
 <wwv5xgqkfl9.fsf@LkoBDZeT.terraraq.uk> <103392c$lpbg$5@dont-email.me>
 <1033o4a$1qj6$3@dont-email.me> <1033tv1$3aqu$3@dont-email.me>
 <1034pj8$a74s$1@dont-email.me>
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 8bit
Injection-Date: Sat, 21 Jun 2025 02:07:07 +0200 (CEST)
Injection-Info: dont-email.me; posting-host="85e042721931b104c8285aaa051e8924";
	logging-data="358776"; mail-complaints-to="abuse@eternal-september.org";	posting-account="U2FsdGVkX1/4OJ7+Y4mkS/Z32ecFeAh60uuagarknHc="
User-Agent: Mozilla Thunderbird
Cancel-Lock: sha1:fLie1plyZx35H3rrGRrfgGRLrkw=
In-Reply-To: <1034pj8$a74s$1@dont-email.me>
Content-Language: en-GB

On 21/06/2025 00:07, Rich wrote:
> The Natural Philosopher <tnp@invalid.invalid> wrote:
>> On 20/06/2025 14:36, Rich wrote:
>>> The Natural Philosopher <tnp@invalid.invalid> wrote:
>>>> On 20/06/2025 09:00, Richard Kettlewell wrote:
>>>>> c186282 <c186282@nnada.net> writes:
>>>>>> On 6/19/25 3:40 AM, Richard Kettlewell wrote:>
>>>>>>> c186282 <c186282@nnada.net> writes:
>>>>>>>       IMHO, stick to 'C' ... but use GOOD PRACTICES.
>>>>>>>
>>>>>>> The software industry has been trying this for decades now. It does
>>>>>>> not work.
>>>>>>
>>>>>> At some point, soon, they need to start flagging the unsafe functions
>>>>>> as ERRORS, not just WARNINGS.
>>>>>
>>>>> The problem is not just a subset of unsafe functions. The whole language
>>>>> is riddled with unsafe semantics.
>>>>>
>>>>> There is some movement towards fixing the easy issues, e.g. [1]. But the
>>>>> wider issues are a lot harder to truly fix, so much so that one of the
>>>>> more promising options is an architecture extension[2]; and there
>>>>> remains considerable resistance[3] in the standards body to fixing other
>>>>> issues, despite their recurring role in defects and vulnerabilities.
>>>>>
>>>>> [1] https://www.open-std.org/jtc1/sc22/wg14/www/docs/n3322.pdf
>>>>> [2] https://www.cl.cam.ac.uk/research/security/ctsrd/cheri/
>>>>> [3] https://www.youtube.com/watch?v=DRgoEKrTxXY
>>>>>
>>>>> Most languages after C designed these issues out, one way or another.
>>>>> The clever bit is figuring out how to combine performance and safety,
>>>>> and that’s what language designers have been working out, increasingly
>>>>> successfully.
>>>>>
>>>> I don't really see how you can have a program that cannot write or read
>>>> memory beyond the intentions of the original programmer.
>>>
>>> Ada accomplished it years ago (i.e., Rust is nothing new in that
>>> regard).  But....  it did so by inserting in the compiled output all
>>> the checks for buffer sizes before use and checks of error return codes
>>> that so often get omitted in C code.  And the performance hit was
>>> sufficient that Ada only found a niche in very safety critical
>>> environments (aircraft avionics, etc.).
>>>
>> I bet a bad (or extremely good) programmer could circumvfent that
> 
> Very likely, but the idea was to protect the typical programmer from
> their own common mistakes (of not carefully checking error return codes
> or buffer lengths, etc.).  I.e. the typical 9-5 contract programmer,
> not the Dennis Ritchie's of the world.

the 9-5 contract programmers WERE the Dennis Ritchies.

The idiots were the permies.

-- 
“Ideas are inherently conservative. They yield not to the attack of 
other ideas but to the massive onslaught of circumstance"

    -  John K Galbraith