Robert Jacques wrote:
On Fri, 19 Feb 2010 14:44:14 -0500, Manfred_Nowak <[email protected]>
wrote:
http://cwe.mitre.org/top25/
shows patterns of attacs.
Does someone see a way to use D design patterns to stop attack patterns?
-manfred
I really don't like this list because its a list of unsecure coding
patterns and not dangerous one. The only one of them has ever killed
anyone (race conditions, #25), the rest just lead to identity theft. I'd
also put "poorly written error messages", "integer overflows" and
"corrupting datafiles" up there as things that have killed people.
Anyways, in response to your question D's concurrency strategy should
make it (relatively) difficult to cause races. And most of the attack
patterns are at a higher level than raw code.
Oh hey... null pointer dereference is not on the list :o).
Andrei
