Hacker News

If a function that causes security vulnerabilities if you fail to read the documentation diligently doesn't count as a landmine to you, what does?

Please provide examples in other languages (e.g. Rust) so that I can answer your original question properly and to your satisfaction.



No, it's not a function that causes it. It's the dev who is sloppy and causes issues. Would you blame the scalpel or brain surgeon for a mishap while cutting important bits in the brain?

What kind of logic is this, to blame the tool because you have no clue how to use it?


That's a very good analogy because they had to stop using scalpels in brain surgery because the surgeons kept making mistakes.

Tools must be designed so that they're difficult to use incorrectly. That's why we have guards and interlocks on any tool more complicated than a shovel.


Function has 3 arguments. It's documented. Use cases are documented. You are trained. You ask for... even more protection? From what? There's a limit to laziness, it takes more time to do this word-warrioring on HN than to learn how to use the function correctly and how to create a wrapper around it that serves as the protection you seek.

This really isn't that hard, we're not trying to travel to Mars.



