by Sir_Cmpwn 3514 days ago
The problem with OpenSSL is less about the language it's written in and more about the age of the project, discipline of the developers, quality of the codebase, and its prevalence - which leads to its vulnerabilities having a high impact. OpenSSL's code is a heap of trash and that's why it's vulnerable, not necessarily because it's written in C.
1 comments

Sure. Though, C does nothing to help prevent you from creating that same garbage again.

So while there are excellent examples of C projects out there, there are many more that show why it's important to provide developers (even the good ones) with guard rails.