As is in distros will be made specifically to avoid it. Rust and Clojure are the worst things to happen to open source in a long time. There is a reason why good old C has been used for over 50 years.
"Derp! But all the security problems are from stoopid mistakes! They wouldn't be there if all the C coders had top 1% skill level!!!"
The string mistakes wouldn't be there if programmers used a better string library in C. This doesn't require top 1% skill level. The memory mistakes wouldn't be there if programmers used a better memory library in C. This also doesn't require a top 1% skill level.
It doesn't require a genius to avoid buffer overflows in C, it takes general competence. Although maybe most programmers these days don't have general competence.
Since C lacks any kind of automatic resource management, any "better library" still requires manual steps to do lifetime management. They do not solve the fundamental problem.
Since C lacks array bounds checking or operator overloading, you've also got to forego the bracket operator if you want to use a library as a bandaid over unchecked bounds errors (or maybe use unholy preprocessor macro tricks). There goes C's "elegant syntax" out the window.
But there's much more than that. The C specification as a whol
Since C lacks any kind of automatic resource management, any "better library" still requires manual steps to do lifetime management. They do not solve the fundamental problem.
You are changing the topic. You were talking about security problems in C, and I gave you the solution. Then you changed the topic to resource management.
I think your problem is that you don't like C, which is fine, but it's not a problem for the rest of us.
As I've already pointed out, libraries cannot begin to fix all of the security problems with C, including buffer overflows.
Since you think they can, not only are you not a C wizard, but you're also dangerously incompetent. You should be restricted to coding in Java at the very most.
Rust is the new SystemD (Score:2, Informative)
Re: (Score:2)
There is a reason why good old C has been used for over 50 years.
And the reason is that somebody has to provide job security for all the security hackers with hats of various colors.
"Derp! But all the security problems are from stoopid mistakes! They wouldn't be there if all the C coders had top 1% skill level!!!"
Math fail.
Re: (Score:5, Insightful)
"Derp! But all the security problems are from stoopid mistakes! They wouldn't be there if all the C coders had top 1% skill level!!!"
The string mistakes wouldn't be there if programmers used a better string library in C. This doesn't require top 1% skill level.
The memory mistakes wouldn't be there if programmers used a better memory library in C. This also doesn't require a top 1% skill level.
It doesn't require a genius to avoid buffer overflows in C, it takes general competence. Although maybe most programmers these days don't have general competence.
Re: (Score:0, Troll)
Since C lacks any kind of automatic resource management, any "better library" still requires manual steps to do lifetime management. They do not solve the fundamental problem.
Since C lacks array bounds checking or operator overloading, you've also got to forego the bracket operator if you want to use a library as a bandaid over unchecked bounds errors (or maybe use unholy preprocessor macro tricks). There goes C's "elegant syntax" out the window.
But there's much more than that. The C specification as a whol
Re: (Score:4, Informative)
Since C lacks any kind of automatic resource management, any "better library" still requires manual steps to do lifetime management. They do not solve the fundamental problem.
You are changing the topic. You were talking about security problems in C, and I gave you the solution. Then you changed the topic to resource management.
I think your problem is that you don't like C, which is fine, but it's not a problem for the rest of us.
Re: (Score:2)
Resource management IS security management in C. Haven't you ever heard of a dangling pointer?
You're not as much as a C wizard as you think you are.
Re: (Score:2)
You're not as much as a C wizard as you think you are.
I'm not a C wizard, I just know how to use libraries. If you have trouble with that, you must be really, really bad.
Re: (Score:2)
As I've already pointed out, libraries cannot begin to fix all of the security problems with C, including buffer overflows.
Since you think they can, not only are you not a C wizard, but you're also dangerously incompetent. You should be restricted to coding in Java at the very most.
Re: (Score:5, Insightful)
Re:Rust is the new SystemD (Score:2)