Secure Coding mailing list archives

Compilers

From: tholleb at teknowledge.com (Tim Hollebeek)
Date: Wed, 27 Dec 2006 10:50:55 -0800

However, not 
all of the kinds of things should be put in the compiler (how 
many coders do you know that use the -Wall??!).


All the decent ones???  I remember people talking about "Warning 
free with -Wall" as a minimal requirement, and personally using 
that standard, over 15 years ago.  And that was just for code
quality reasons.  Granted, many monkeys with keyboards were
pulled into the industry during the 90s IT boom, but are shops
that insist on warning free compiles really that rare?

I'm not sure "How can we create secure software in an environment
where people don't even conform to minimalist software engineering
principles?" is a helpful topic for discussion as a way forward,
no matter how useful it may be as a source for tool and consulting
revenue.

Tim Hollebeek
Research Scientist
Teknowledge Corp.

Current thread:

Compilers Gary McGraw (Dec 21)
- Compilers Tim Hollebeek (Dec 27)
- <Possible follow-ups>
- Compilers David A. Wheeler (Dec 21)
- Compilers Gary McGraw (Dec 21)
  - Compilers mikeiscool (Dec 22)
  - Compilers James Walden (Dec 22)
- Compilers SC-L Subscriber Dave Aronson (Dec 27)
  - Compilers Leichter, Jerry (Dec 27)
- Compilers David A. Wheeler (Dec 28)
  - Compilers Leichter, Jerry (Dec 29)
    - temporary directories Robert C. Seacord (Dec 29)
    - temporary directories ljknews (Dec 29)

(Thread continues...)