Speaking to developers at a programming event, Gosling commented that, “The Microsoft folks made a big deal of being able to support C and C++ on the [common language runtime], and that, to my mind, is one of the stupidest, most offensive things they could have done.”
The problem, said Gosling, is that several features of C and C++ are not consistent with or bounded by tight memory model integrity.
“C++ allowed you to do arbitrary casting, arbitrary adding of images [and] pointers, and converting them back and forth between pointers in a very, very unstructured way,” said Gosling, who currently serves as chief technology officer of Sun’s developer products group.
Gosling went on to compare .NET’s security model to that of Java, saying, “A lot of things in [Java’s] exception handling, they depend really critically on the fact that there is some integrity to the properties of objects. So if somebody gives you an object and says, This is an image,’ then it is an image. It’s not like a pointer to a stream, where it just casts an image.”
Also on hand at the event was Microsoft developer Charles Sterling, who defended his company’s product by pointing out that .NET requires additional permission to execute C and C++, so developers have the freedom to decide for themselves whether to use older, unsafe code in their applications.
Sterling added that of more than one thousand developers using .NET frameworks, he knows of only one who is implementing C and C++ in his applications.
