En un mensaje anterior, Blue Boar escribió:
> Fernando Schapachnik wrote:
> >I smell a discusion going nowhere. What is the point of teaching a 
> >languague?
> >Teach them to program in a paradigm (better, in all of them, and give them 
> >the
> >tools to make educated choices about which is better for each context), and
> >choose any language as an *example* of the paradigm.
> Ah... but beyond design problems, aren't most security problems 
> language-specific abuses and bugs?  I'm thinking things like "I didn't 
> realize it would let me mix signed and unsigned... I didn't realize it 
> would let me right off the end of the buffer... I didn't realize I had 
> to escape or filter certain characters...."

Same thing happens with concurrency. You need to tell them about shared
variables, mutexes, locking, atomicity, protected sections, etc. When they are
going to undertake a real project in a specific language they need to know how
these are implemented there. I expect them to be able to learn that from the
multiple available resources, once the foundations are learn.

Now s/concurrency/security/. Imagine next year, when language NEW appears
and some people from this list are required to work in it. I suspect most
of them would probably apply their existing knowledge and some searching around
to understand the new thread model, and act acordindgly. Is the same scenario
for students.



Reply via email to