wt., 14 gru 2021 o 00:04 John McKown <john.archie.mck...@gmail.com> napisaĆ(a):
> I don't think COBOL is explicitly, or implicitly, more secure than the base > Java language. The "problem" is not the Java language, but the Internet > infrastructure built into the Java libraries and "add on" facilities such > as LOG4J. A COBOL programmer would most likely write their own logging > facility whereas a Java programmer would have a much larger selection of > "prebuilt" libraries to use & would so likely use them. These facilities > might or might not have any vulnerabilities in them. But I doubt that > anyone is really validating them. The same with C/C++. Or any other > "popular" languages. The PERL and R languages have CPAN and CRAN web sites > full of user supplied programs. COBOL does not have that sort of thing. > IBM, in the supplied COBOL libraries, tries to validate that they do not > compromise system reliability and availability. Routines from the Internet > are NOT validated by an outside source. In that way, COBOL is "more > secure", in a certain sense. It's also why not many mainframe web > applications are built using COBOL. JAVA is easier to use because it has so > much "free stuff" which is already developed for Web type things. > Very well put Sir. Couldn't agree more. Cheers, s1m0n ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
