[ale] Any language (wuz: Assembly Language?)
Michael B. Trausch
mbt at naunetcorp.com
Sun Oct 27 10:22:18 EDT 2013
On 10/27/2013 10:00 AM, Pete Hardie wrote:
> Out of curiosity, what sort of things are you referring to in the
> Python stdlib?
It's not "what sort" but "how much".
It's extremely time-consuming and thus therefore very improbable to be
able to audit the entire Python stdlib, plus the entire python VM, plus
the entire interpreter, plus the generator, and be able to say "Yes,
this 12-line Python program is proved secure."
Those twelve lines on their own might be secure, /assuming that all
invariants are held that the programmer assumes/. Of course, that
depends on far more than the 12 lines of code! That audit then has a
domino effect.
However, if you are working in C, you don't even really need to worry
about the compiler itself, just the compiler's output. If you can
easily map a line of C to one or more assembler statements (and you can
do that quite easily), then you can prove the program's security far
more easily. After all, then you KNOW where the chains of logic
go---they're static, not dynamic.
--- Mike
--
Naunet Corporation Logo Michael B. Trausch
President, *Naunet Corporation*
? (678) 287-0693 x130 or (855) NAUNET-1 x130
FAX: (678) 783-7843
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.ale.org/pipermail/ale/attachments/20131027/561fa619/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: bidbfbgi.png
Type: image/png
Size: 1701 bytes
Desc: not available
URL: <http://mail.ale.org/pipermail/ale/attachments/20131027/561fa619/attachment.png>
More information about the Ale
mailing list