Don't shift the goal posts, we're talking specifically about dependencies and de... | Hacker News

Hacker News new | past | comments | ask | show | jobs | submit

login

pfundstein on Aug 18, 2020 | parent | context | favorite | on: Dependency

Don't shift the goal posts, we're talking specifically about dependencies and dependency driven bugs.

dodobirdlord on Aug 18, 2020 [–]

Languages like C++ that lack memory safety have the irritating property that a memory safety error anywhere in the dependency tree can be exploited to attack unrelated parts of the binary. In most languages you don’t have to worry that some stateless pure-function log formatter is secretly the gap in your armor.

Join us for AI Startup School this June 16-17 in San Francisco!
Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact