[plt-scheme] Why do folks implement statically typed languages?
On Thu, May 31, 2007 at 04:46:52PM +0100, Noel Welsh wrote:
> Just came across this:
>
> http://www.sans-ssi.org/top_three.pdf
>
> It lists the top 3 errors causing security holes. They are:
>
> 1. Using unvalidated user input.
> 2. Buffer overflow
> 3. "Handling integers incorrectly"
>
> The former could be solved with a static type system. It can also be
> addressed with dynamic checks with the usual tradeoffs.

Are there static type systems that can protect against, e.g., SQL injection?

Richard
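
Added example, not part of the original thread: a sketch in Rust of how a static type system can keep unvalidated input out of SQL text, which is the first error in the quoted list. The names `Untrusted`, `Query` and `find_user`, the table and the sample input are all hypothetical and constructed for illustration.

```rust
// Added example: query text and user data are kept apart by types.
mod sql {
    /// Raw user input. The field is private, so code outside this module
    /// cannot extract the string and splice it into SQL text. It also has
    /// no Display impl, so `format!("{}", untrusted)` does not compile.
    pub struct Untrusted(String);

    impl Untrusted {
        pub fn new(raw: &str) -> Self {
            Untrusted(raw.to_owned())
        }
    }

    /// Query text must be `&'static str`, in practice a string literal.
    /// User data can only enter through `bind`, as a separate parameter.
    pub struct Query {
        text: &'static str,
        params: Vec<String>,
    }

    impl Query {
        pub fn new(text: &'static str) -> Self {
            Query { text, params: Vec::new() }
        }
        pub fn bind(mut self, value: Untrusted) -> Self {
            self.params.push(value.0);
            self
        }
        pub fn text(&self) -> &'static str {
            self.text
        }
        pub fn params(&self) -> &[String] {
            &self.params
        }
    }
}

/// Hypothetical lookup: the input travels as a bound parameter only.
fn find_user(name: sql::Untrusted) -> sql::Query {
    // Rejected at compile time (a temporary String is not 'static):
    //   sql::Query::new(&format!("... WHERE name = '{}'", some_string))
    sql::Query::new("SELECT id FROM users WHERE name = ?").bind(name)
}

fn main() {
    // Constructed sample input containing SQL metacharacters.
    let q = find_user(sql::Untrusted::new("x' OR '1'='1"));
    println!("text: {}\nparams: {:?}", q.text(), q.params());
}
```

The guarantee is only as strong as the module boundary: code that deliberately leaks a heap string to obtain a `&'static str` can still build query text from input, so this catches mistakes rather than determined misuse.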