OT: python use in xfce
Robin Haswell
rob at digital-crocus.com
Thu Apr 20 01:30:15 CEST 2006
Aaron wrote:
> no, but im well aware that theres many python haters here. i just dont
> understand all of this hate for a language unless theyve acctaully
> programmed in it for long periods of time...
No, but there are other viewpoints as well. If Toyota made a car with a faulty braking system
(obtuse example, it's late) that was killing people, I would "hate" (actually I would "stay the hell
away from" - applies here) that model, or even that company, on those grounds. Putting that in
context, as a system admin I've patched too many buffer overflows in trivial software to have a
positive view of C/C++ in those uses. I dislike that my systems are at risk because people write
software in low-level languages that make it all too easy to cause these problems. I'm not really
having a go at those developers or even C itself (because that's stupid), just the general mindset
that all software should be written in C/C++.
Let's have a quick look at my debian security announces:
http://www.debian.org/security/2006/dsa-1023
Buffer oveflow in Kaffeine. Why was this written in C++? I'm in to guessing here, but I reckon the
majority of this software is wrappers around gstreamer/other libraries, KDE/QT libs with the bulk of
the source being "GUI" and "glue". All I'm saying is, if it was written in Python or Mono or
whatever, it wouldn't be vulnerable to this attack and it would probably be a lot easier to maintain
and add features to. As it happens it experience a buffer overflow in what is probably one of the
only bits of network code in the entire app.
One more point before I try to go to bed: I use worship an editor called "Pida", written in Python
(for Python), that embeds gvim as its editor and bolts on a load of functionality using a proper
GTK2 interface. It loads maybe 20% slower than gedit but has a heapload more functionality, and it's
only at 0.3.1. In this respect it's using vim as a library, a library that's dog-old and well
tested. That's fine. And as a further bonus, when it encounters programming errors I get a traceback
popup, I click "OK" and carry on editing. I've never experience an unrecoverable error. In my world,
this is how software should be written. Microsoft knows this, and they gave us .NET.
-Rob
More information about the Xfce4-dev
mailing list