On 12/04/2015, Petter Adsen <pet...@synth.no> wrote:
> <snip>
>
> Now that you mention security, that leads me to another question - are
> there any good books on writing secure programs? I would guess that
> would be a good thing to think about from the start, as to learn good
> practices?
>

I believe that this is where it gets into the realm of "How long is a piece of string?".

From my understanding, security is always relative, and, never absolute - whether something can be breached, whether it is a building or a software program, depends on the skill and persistence of the person trying to do the breaching, and, importantly, luck.

It is like the principle "Just when you think that you have produced an idiot-proof program, they design a more effective idiot".

I believe that, similarly, the best way to learn good programming practices, is to take courses at different educational institutions, and, pick the good parts of each. One institution at which I studied, a technical college, taught (overall) better programming practices, and that included error tracking and handling - another institution taught students to use (in C++) the assert statement, so as to, instead, cause programs to crash, when an error occurred, and, another, taught (in a Pascal course) the use of pointers, to test data that was being input through the keyboard, by using the input buffer, for data validation.

Similarly, in teaching SQL programming, in database programming, some institutions that I encountered, taught students to reduce the prospect of (I think it is named) code insertion, wherein, where a user is required to manually type in data, the user instead types in SQL code, which a database program could (where it is not protected against code insertion) accept and execute unauthorised SQL code, violating the database.

It is a matter of luck, as to being taught "the right stuff" at formal educational institutions, and, even as to the attitudes of the teaching staff (at one educational institution, where I asked about the applicability of hyperbolic trig functions, when we were being taught hyperbolic trig functions, the lecturer told me that that was not his job, to explain stuff like that - his job was only to present the material, and not provide any explanations (he later became the head of the maths department, at that university), whereas, at the technical college, the lecturer there, took the time to explain the applicability of the hyperbolic trig functions), but I believe that formal education at a vocational institution, is most likely to provide the means of learning good programming practices, including software development methodologies, to achieve the best possible result in software development.

Oh, and, at one of the educational institutions, the head of the (teaching) computer science department, did not believe in the benefits of systems analysis and design, for software development - he practised, and, believed in, hack programming.

And, at another educational institution, I met (via a local Linux User Group mailing list), a PhD student who was studying computer security, and, he took the time to show me some of the benefits of Debian (when it was 3.0 or 3.1), and, converted me to Debian (I was, at that time, learning Red Hat and Slackware, for use at that university, thence for personal use). He was a local Linux guru, and, his area is/was computer security.

> Another thing - I have been thinking about also learning Python, for
> instance for interacting with GTK, and for writing things that might be
> hard to do in C. Would that be a good choice, or should I look at any
> other languages before I start?
>

I am definitely no expert in this, and, others could advise regarding this, much better than me, but, my understanding is that, for what you seek, Perl appears to be the answer, as it apparently includes "the good parts" of various programming languages, including "C", and, is cross-platform portable, and is supposed to be very versatile.

--
Bret Busby
Armadale
West Australia
..............

"So once you do know what the question actually is,
 you'll know what the answer means."
- Deep Thought,
 Chapter 28 of Book 1 of
 "The Hitchhiker's Guide to the Galaxy:
 A Trilogy In Four Parts",
 written by Douglas Adams,
 published by Pan Books, 1992
....................................................