Rule of 2 when using an unsafe language
I learned today from the Google Security Blog that Google follows the Rule of 2 when writing code in an unsafe language (C/C++). The Rule of 2 says that you should pick no more than 2 of:
- untrustworthy inputs;
- unsafe implementation language; and
- high privilege.
In other words, you should “always use a safe language, a sandbox, or not be processing untrustworthy inputs in the first place”.
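Here is the "sandbox" option as an added example (my own sketch, not code from the Google post): a C parser still handles untrusted bytes, but only inside a forked worker that has given up its file descriptors and resource limits first. The record format and all function names are hypothetical, and plain POSIX rlimits stand in for a real sandbox such as seccomp or namespaces.

```c
#include <stdio.h>
#include <sys/resource.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical format: length byte N, then N payload bytes. Returns their sum or -1. */
static int parse_record(const unsigned char *buf, size_t len) {
    if (len < 1 || (size_t)buf[0] > len - 1) return -1;  /* length field lies */
    int sum = 0;
    for (size_t i = 0; i < buf[0]; i++) sum += buf[1 + i];
    return sum;
}

/* Worker only: give up everything except the result pipe. */
static void drop_privileges(int keep_fd) {
    struct rlimit none = {0, 0}, cpu = {1, 1};
    for (int fd = 0; fd < 64; fd++) if (fd != keep_fd) close(fd);
    if (setrlimit(RLIMIT_NOFILE, &none) ||  /* no new files or sockets */
        setrlimit(RLIMIT_FSIZE, &none) ||   /* no writes to regular files */
        setrlimit(RLIMIT_CPU, &cpu))        /* killed after 1 s of CPU */
        _exit(2);                           /* fail closed */
}

/* Parent keeps its privileges and never parses. Returns 0 and sets *out,
   or -1 if the input was rejected or the worker died. */
int parse_untrusted(const unsigned char *buf, size_t len, int *out) {
    int p[2], status, result = -1;
    if (pipe(p) != 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(p[0]); close(p[1]); return -1; }
    if (pid == 0) {                         /* low-privilege worker */
        drop_privileges(p[1]);
        result = parse_record(buf, len);
        if (result < 0) _exit(1);
        _exit(write(p[1], &result, sizeof result) == (ssize_t)sizeof result ? 0 : 1);
    }
    close(p[1]);
    ssize_t n = read(p[0], &result, sizeof result);
    close(p[0]);
    if (waitpid(pid, &status, 0) != pid) return -1;
    if (n != (ssize_t)sizeof result || result < 0 ||  /* worker output is untrusted too */
        !WIFEXITED(status) || WEXITSTATUS(status) != 0) return -1;
    *out = result;
    return 0;
}

int main(void) {
    const unsigned char msg[] = {3, 1, 2, 3};  /* constructed sample input */
    int sum = -1;
    return parse_untrusted(msg, sizeof msg, &sum) == 0 && printf("sum=%d\n", sum) > 0 ? 0 : 1;
}
```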
I thought that this was relevant not only in programming, but also in life. In this internet age, when you read something, you should only read/internalize subjects that you are familiar with (“safe language”), not spread anything that could be misinformation (“unprivileged sandbox”), or not be reading from untrustworthy sources in the first place.