'''Secure by design''' discusses the security issues related to computer programs, and the features of Tcl that facilitate the development of secure programs. ** Description ** [Sarnold]: although lots of system applications are written in [C]/[C++], we can consider that writing a new application in these languages is a lot more work, and lead to security holes. And scripting languages are now strong, so according to [Ousterhout's Dichotomy], we should write in [C]/[C++]/[Java] the critical part of the application that cannot be written in a scripting language, or would be unbeareably slow. The rest of this page is trying to compare [Tcl] security against other programming languages to serve [Tcl marketing]. (Of course, we will exclude [C]/[C++]/whatever compiled language from this comparison) ---- * [Tcl is immune to many "format string vulnerabilities"] * Tcl programs are immune to buffer overflows (as long as the Tcl interpreter is; [DString]s help a lot) * No Y2K bug * Fully integrated [Unicode], where most other languages need special syntax and still have problems handling UTF-8 strings. * [Tcl] can be compiled with [Thread]s. [AOLServer] has been multithreaded long before [Apache]/[PHP]. * Backwards-compatibility: Tcl provides the best effort in this dimension. * [Safe interps] makes it possible to run user-defined scripts without fearing an attack. * You do not have to check ''nil''s as in [Java], [Python], [Lua]... * It is easy to manage Tcl [package]s. With [starkit]s and [starpack]s, deployment is easy. You would not ask yourself a long time what package is outdated or missing to make work your application. * [Prowrap] and [ActiveState] tools can encrypt the sources. * Although there is no official debugger, interactive debugging in [GUI] mode is terrific. Just embed [tkcon] in your project and you have a full control on your application under your fingertips. * There is a huge testing work that has been done on the Tcl interpreter, as well as the Tk toolkit. [Tcl] has been ported to a wide range of existing systems. [Tk] is one of the most well-tested GUI toolkits. * Because of [EIAS], the [http://fishbowl.pastiche.org/2015/11/09/java_serialization_bug/%|%The Java deserialization bug] and vulnerabilities in its class aren't going to happen, simply because it isn't common practice in Tcl programming to serialize arbitrary object types. ** Safe Intepreters ** Safe interpreters are a feature missing in almost every other language ([Java] has a similar functionality, but with such complexity that I cannot even think of it). ** Unicode ** Tcl currently (summer 2007) only supports the Basic Multilingual Plane of Unicode (16-bit character codes, as up to version 2.1 of the standard), but this is mostly an internal implementation detail, and neither Tcl scripts nor compiled extensions should need to be changed when full support gets implemented. <> Tcl Marketing | Security