[langsec-discuss] Enforcing validation layer with types

Will Sargent will.sargent at gmail.com
Tue Dec 18 01:09:16 UTC 2012


I've been thinking about language security, and what causes problems
for me personally when I'm trying to make sure I've enforced a
security layer in code.

One of the things that stood out for me is that I really don't like
raw types: Strings / Ints / Dates etc don't have any semantic value
assigned to them, and so you don't know if what you're accepting has
been checked and validated as correct, or you're being passed a
mickey.

I did some research, and wrote up a blog post:
http://tersesystems.com/2012/12/16/problems-scala-fixes

The relevant bit here is that Haskell's newtype system (and soon
Scala's value class in 2.10) makes it very easy to define types which
say ValidString or PastDate as arguments, and so can't be passed input
which hasn't been through a validator (which is not to say they can't
be passed invalid input).

I know this isn't the main thrust of Meredith's talk on context-free
grammars and the like, but I think it would be helpful if API
designers baked validation concerns right into the API itself.

Will.
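The newtype discipline the post describes, as an added example that is not part of the original message: it uses Rust's newtype pattern in place of Haskell's newtype or Scala's value class so the same idea can be compiled and run directly. The ValidString and PastDate types, their validation rules and the record_login API are assumed for illustration only.

```rust
// Added example, not code from the post: the Haskell newtype / Scala
// value-class idea expressed with Rust's newtype pattern. The validation
// rules (length, control characters, "before now") are hypothetical.
mod validated {
    #[derive(Debug, Clone, PartialEq, Eq)]
    pub struct ValidString(String); // private field: only `parse` can build one
    #[derive(Debug, Clone, Copy, PartialEq, Eq)]
    pub struct PastDate(u64); // Unix seconds; private for the same reason
    #[derive(Debug, PartialEq, Eq)]
    pub enum ValidationError {
        Empty,
        TooLong(usize),
        ControlChar(char),
        NotInPast { date: u64, now: u64 },
    }

    impl ValidString {
        pub const MAX_LEN: usize = 64; // bytes, not chars
        /// The single gate from raw text to a typed value.
        pub fn parse(raw: &str) -> Result<ValidString, ValidationError> {
            if raw.is_empty() { return Err(ValidationError::Empty); }
            if raw.len() > Self::MAX_LEN { return Err(ValidationError::TooLong(raw.len())); }
            if let Some(c) = raw.chars().find(|c| c.is_control()) {
                return Err(ValidationError::ControlChar(c));
            }
            Ok(ValidString(raw.to_owned()))
        }
        pub fn as_str(&self) -> &str { &self.0 }
    }

    impl PastDate {
        /// `now` is a parameter so the check is deterministic and testable.
        pub fn new(date: u64, now: u64) -> Result<PastDate, ValidationError> {
            if date < now { Ok(PastDate(date)) } else { Err(ValidationError::NotInPast { date, now }) }
        }
        pub fn seconds(self) -> u64 { self.0 }
    }
}

use validated::{PastDate, ValidString};

/// Validation is baked into the signature: a raw &str or u64 will not compile here.
pub fn record_login(user: &ValidString, last_seen: PastDate) -> String {
    format!("{} last seen {}s after the epoch", user.as_str(), last_seen.seconds())
}

fn main() {
    let user = ValidString::parse("alice").expect("valid");
    println!("{}", record_login(&user, PastDate::new(1_000, 2_000).expect("past")));
}
```

Because the inner fields are private to the `validated` module, the only way to obtain a ValidString or PastDate is through the validator, which is exactly the property the post asks API designers to provide.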

