der Mouse wrote:
This is not to say that moving up levels is worthless.  But it sounds
to me as though everyone in this discussion is stuck in some kind of
mindset like "if we can just eliminate $CLASS_OF_ERROR, we'll have a
safe and secure programming language".  We won't; we'll just have one
where the unsafe and insecure errors are at a higher level.

Right, that's the game. We want all the errors to be design and logic errors, with no help from the programming language. (i.e. we don't want the programming language to be permitting us to make extra errors.)

The goal should be that 100% of the security problems are design errors. :) Then we can go teach people to design properly...


