From mboxrd@z Thu Jan 1 00:00:00 1970 X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me X-Spam-Level: X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham autolearn_force=no version=3.4.4 X-Google-Language: ENGLISH,ASCII-7-bit X-Google-Thread: 103376,85034d1ac78a66eb X-Google-Attributes: gid103376,public X-Google-ArrivalTime: 2002-03-10 07:03:49 PST Path: archiver1.google.com!news1.google.com!newsfeed.stanford.edu!news-spur1.maxwell.syr.edu!news.maxwell.syr.edu!colt.net!newspeer.clara.net!news.clara.net!peernews!peer.cwci.net!news5-gui.server.ntli.net!ntli.net!news2-win.server.ntlworld.com.POSTED!not-for-mail Sender: mjw@golux Newsgroups: comp.lang.ada Subject: Re: Ada Operating System References: <3c77b476.322111671@news.cis.dfn.de> <3C88E0D1.89161C16@despammed.com> <3C8A3999.2000301@earthlink.net> <3C8B0191.3080705@mail.com> From: Matthew Woodcraft Message-ID: <87u1ro31ny.fsf@golux.ecstacy.dynamic.greenend.org.uk> User-Agent: Gnus/5.0808 (Gnus v5.8.8) Emacs/21.1 MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: 10 Mar 2002 15:03:45 +0000 NNTP-Posting-Host: 213.107.104.73 X-Complaints-To: abuse@ntlworld.com X-Trace: news2-win.server.ntlworld.com 1015772623 213.107.104.73 (Sun, 10 Mar 2002 15:03:43 GMT) NNTP-Posting-Date: Sun, 10 Mar 2002 15:03:43 GMT Organization: ntl Cablemodem News Service Xref: archiver1.google.com comp.lang.ada:21020 Date: 2002-03-10T15:03:45+00:00 List-Id: Hyman Rosen writes: > Many of the errors and vulnerabilities that show up these days are > "cross-scripting" errors and the like, where programs execute > externally submitted scripting code because they fail to properly > validate inputs. This is purely an error of program logic - no > automated language checking is going to catch this. People can and do include the 'trustedness' of data in their type systems. Consider taintperl, for an example with dynamic typing. There's no reason why this couldn't be done with static typing too. -M-