[PRL] A type-based solution to the "strings problem":
Felix S Klock II
pnkfelix at ccs.neu.edu
Fri Oct 20 11:10:54 EDT 2006
On Oct 20, 2006, at 9:27 AM, William D Clinger wrote:
> Matthis wrote:
>> HUH?
>
> Cormac proposed a world-wide data base of witnesses to
> subtyping failures, to be extracted automatically from
> application data that fail a run-time type check. The
> security implications should be obvious.
The database need not be global. Even a database that is isolated to
a particular development team may provide useful information.
So what we have here is an opportunity to *sell* a local database to
companies who are concerned about the security implications of using
the global one that Cormac's team provides for free.
Sounds like genius to me.
-Felix
More information about the PRL
mailing list