|
|
|
|
|
|
by thayne
1424 days ago
|
|
|
That might be true in some cases. But for the public data case, you probably still need to worry about DoS or data corruption. In the logs case, a malicious actor can probably control at least part of the logs, so if a bug leads to arbitrary code execution, a bad actor could possibly get all kinds of valuable data. Also, just to be clear, the language doesn't necessarily mean there are significant security bugs. A well written c++ app is probably better than a poorly written java app. It's just harder to avoid memory bugs in c++ than java. |
|
|