* Crispin Cowan wrote on Fri, Jun 22, 2001 at 09:47 -0700:
> > beauty is in the eye of the beholder. perl is much more legible to me than
> > c++, and i prefer c++ legibility to many other languages.
>
> You are definitely on crack. PERL is world renowned as the "write only
> programming language." PERL provides five ways to do any given
> thing. This makes it convenient to do rapid prototyping,
You are right when you say: it's easy to write hard readble code
in perl. Same for C/C++. But with perl it's easy to write well
reable code, too. Decipline has to come from the developer.
Useing tree of that five ways you can even increase reability
more, buit this depends on the style of the developer. i.e. you
can use "if" before the statement if the condition is unexpected
(or "seldom") and before otherwise. Better an example. If usually
a!=0 write:
$b=100/$a
unless ($a == 0);
if a is usally 0 write:
unless ($a == 0) {
$b = 100/$a;
}
unless itself is more reable than "if" (except if you come from
C and are not trained with perl)
> Unfortunately, it also means that the odds are that the author
> of the software you're trying to read chose a different way to
> do something than the one you're familiar with.
Perl is a complex and big language. Because of this it's more
hard to learn of course. But if you try to make reable code with
perl, it's possible. If you're not familiar with hashes as
datastructures, it's hard to understand of course, but if you
are, it's often more intuitive as having some lists with
pointers...
> This makes it relatively hard to read the code. In the
> alternative, it makes it 5 times harder to fully understand the
> PERL language by memorizing every single construct.
oki, I agree.
> > > Scripting languages such as Perl are useful for quick hacks, but
>
> I do, for the above reasons.
I disagree here. You can write really nice classes / packages
with perl. If you use getter/setter, you can make a type-safe
class (but only at runtime, which is not perfect, I know). You
can reject illegal values. Same with tie, you can even force some
int to stay in some rangs like in Ada.
Perl is highly customizable. You can "use strict;" but you don't
have to. All-in-all, I would say: With perl it's easy to write
both unreable and reable code.
> > the majority of the program crashes in this world are related
> > to C/C++ and its use of pointers.
>
> That's because C/C++ is also a type-unsafe language.
>
> Perl programs don't "crash", but they do produce unexpected
> results. Perl is at least as guilty as C of encouraging slack
> developers into believing that their program is correct just
> because it appears to "work."
With the right coding style you can reduce that risk a lot. You
can implement an exception-style processing if desired. Perl
doesn't forces you to use some stlye, since I cannot know your
problem. If you need to shot you in the foot you can do, it's not
job of an language to prevent this (I know the exceptions :)).
> > it is very easy to write secure perl programs.
Let's say: possible. You will have at least good programming
guidelines and of course you need to keep some attention.
> No, it is very easy to write perl programs. To be secure, they
> would have to be audited, and auditing them is hard because
> PERL is hard to read.
Let's say: Some Perl programs are hard to read. Well, and of
course it's helpful to have some comments at the right place,
i.e. in regular expressions. It's possible.
> This is true. However, we're talking about the merrits of the
> programming languages. Neither Perl nor C/C++ are very good
> for security.
Compared with C, I thing perl is really secure. And if it's
unsecure, usually the "damages" of insecure perl programs are
less than that of C programs. I.e. with the taint-mode an
attacker may DoS your CGI, but it's not easy to exploit them (if
the developer hadn't shoot herself in the foot :)).
> Perl is good for rapid prototyping,
yep, for instance.
> C is good for high performance,
for instance, yes.
> Java is a much stronger contender for secure
> programs, primarily because it is type safe.
Same for Ada, yep, I has adantages to have real types, i.e. int
ranges.
oki,
Steffen
--
Dieses Schreiben wurde maschinell erstellt,
es trägt daher weder Unterschrift noch Siegel.
This archive was generated by hypermail 2b30 : Tue Jun 26 2001 - 14:12:05 PDT