[PRL] A type-based solution to the "strings problem":

Felix S Klock II pnkfelix at ccs.neu.edu
Fri Oct 20 11:10:54 EDT 2006


On Oct 20, 2006, at 9:27 AM, William D Clinger wrote:

> Matthis wrote:
>>  HUH?
>
> Cormac proposed a world-wide data base of witnesses to
> subtyping failures, to be extracted automatically from
> application data that fail a run-time type check.  The
> security implications should be obvious.

The database need not be global.  Even a database that is isolated to  
a particular development team may provide useful information.

So what we have here is an opportunity to *sell* a local database to  
companies who are concerned about the security implications of using  
the global one that Cormac's team provides for free.

Sounds like genius to me.

-Felix




More information about the PRL mailing list