by jerf 5003 days ago
"Writing code in this style is perfectly safe if you do it correctly."

That's a tautology.

In general you can't count on code being written "correctly", so this isn't a defense. It is better to have systems that degrade gracefully in the face of humans and their idiosyncrasies, rather than those that fail-unsafe, because you can't build your security system on the assumption that your code will be written by superhumans.