I think that's a discussion that deserves its own new thread on openssl-dev.
A RT ticket is *not* the right place for a philosophical discussion. Closing this. Please don't respond on this message, create a new thread instead. Vid Sat, 19 Mar 2016 kl. 01.49.13, skrev noloa...@gmail.com: > On Fri, Mar 18, 2016 at 9:46 PM, Richard Levitte via RT > <r...@openssl.org> wrote: > > In this case, though, it's an application that explicitely calls an > > aborting function. No subterfuge at all there, so if you wanted to > > complain, this is a particularly bad example. > > > > We do use OPENSSL_assert() in some places, to check *internal* state. > > When internal state is incorrect, it's not something that should keep > > running. The aim is, of course, that such errors will be caught by > > our tests. > > When the library aborts, what keeps sensitive information from being > written to disk and then sent to Apple, Microsoft, <favorite distro> > in a crash report? > > Jeff -- Richard Levitte levi...@openssl.org -- Ticket here: http://rt.openssl.org/Ticket/Display.html?id=4451 Please log in as guest with password guest if prompted -- openssl-dev mailing list To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-dev
