Path: utzoo!attcan!uunet!lll-winken!ncis.llnl.gov!helios.ee.lbl.gov!pasteur!agate!bionet!ig!arizona!gudeman
From: gudeman@arizona.edu (David Gudeman)
Newsgroups: comp.lang.misc
Subject: To trust or not to trust (Re: What is B&D?)
Message-ID: <8846@megaron.arizona.edu>
Date: 23 Jan 89 20:34:56 GMT
Organization: U of Arizona CS Dept, Tucson
Lines: 29

In article  <4265@enea.se> sommar@enea.se (Erland Sommarskog) writes:
>David Gudeman (gudeman@arizona.edu) writes:
>>Why not trust the programmer to modularize and document
>>the code correctly?
>
>If we could trust programmers there would be no need for language
>of any higher level than C.

Well, if you can't trust your programmers, then one solution is to use
a totalitaritan language.  I think a better solution is additional
training, but of course I don't know your exact situation.  I have
never said that totalitaritan languages are without value, just that
they are not as general-purpose as their supporters would have us
believe.

Also, your comment about higher level languages is peculiar.  Higher
level languages give a lot more than security.  They increase
productivity by providing common data types and operations as a part
of the language, and thereby make it unnecessary for the programmer to
implement them as part of the software.

In fact, I would say that security is not even related to the level of
a language.  It is certainly the case that you can have a high level
language with no provision for security (eg. Prolog, Icon, many
versions of Lisp, and the worst offender, SNOBOL4).  The converse is
debatable.  By the way, all of the languages I listed are higher level
than any totalitarian language I know of.  (I wouldn't even trust
myself to do much programming in SNOBOL4, and I have a pretty high
confidence in my own judgement :-).