On Wed, Jan 13, 2021 at 6:38 AM Kevin Chadwick <m8il1i...@gmail.com> wrote: > > On 1/13/21 2:09 PM, Axel Wagner wrote: > > Let me repeat my question: Do you have any concrete reason to assume there > > is a > > negative security impact of generics? Feel free to bring that up. > > Otherwise, I > > don't see a reason to talk about it in the design doc. > > I don't and I don't mean to make demands of other peoples time. Though I'm > sure > security has been carefully considered and might be fresh in peoples minds. It > might be worth formalising it, in any case. I am sure some members of the rust > community will do so likely inaccurately, if/when Generics are released. > > Despite seeing horrible to read code, again on Reddit today. The blog asked > for > us to consider voting. I'm inclined to upvote if the security of Go code is > expected to increase, otherwise I would likely down vote for readability > concerns.
As Axel has suggested, in general code written using type parameters is more secure, because more types can be checked at compile time. In the current Go language, any type assertion that does not use the comma-ok form can (in principle) panic at run time. If similar code is written using type parameters rather than interface types, those type errors will be detected at compile time. Therefore, on balance, code that uses type parameters is more secure. There are of course many other possible security issues that are made neither better nor worse by type parameters. Ian -- You received this message because you are subscribed to the Google Groups "golang-nuts" group. To unsubscribe from this group and stop receiving emails from it, send an email to golang-nuts+unsubscr...@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/golang-nuts/CAOyqgcVpG5uEABFAZbhhDsF3n6z7sFizza6yex2cxztF6umxDw%40mail.gmail.com.
