This is the mail archive of the
gcc@gcc.gnu.org
mailing list for the GCC project.
Re: 3.2 PATCH: Ada parallel bootstrap fixes
- From: Zack Weinberg <zack at codesourcery dot com>
- To: Robert Dewar <dewar at gnat dot com>
- Cc: kenner at vlsi1 dot ultra dot nyu dot edu, pkoning at equallogic dot com, fw at deneb dot enyo dot de,gcc at gcc dot gnu dot org
- Date: Sat, 18 May 2002 10:56:00 -0700
- Subject: Re: 3.2 PATCH: Ada parallel bootstrap fixes
- References: <20020518153440.40A0AF2A59@nile.gnat.com>
On Sat, May 18, 2002 at 11:34:40AM -0400, Robert Dewar wrote:
> > I also find it ironic to see this discussion in the context of Ada --
> > which after all has as its major claim to fame its supposed fitness
> > for creating highly reliable ("mil spec") software. If that is valid,
> > then the response to any flaws like this should be more aggressive
> > than with "ordinary" programming languages.
>
> Depends on what you mean by "like this". We have examined this issue
> carefully (have you?) and we don't find it a serious or significant
> problem.
When we are talking about runtime libraries, I think it's wise to
address security problems, even ones that are only hypothetical,
proactively and aggressively. Which is better, to fix a security hole
within hours of an exploit being circulated -- or to fix it before the
exploit ever gets written?
In this particular case, I think the best thing to do is copy the
mktemp() code out of GNU libc into the Ada runtime. That code is
known to work, and we don't have to worry about the system library not
providing mktemp or its being buggy.
I'm willing to work with Florian to get this done.
zw