[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Virtual Machine in the abstract (was Re: [DotGNU]What languages shou

From: Fergus Henderson
Subject: Re: Virtual Machine in the abstract (was Re: [DotGNU]What languages should DotGNU support?)
Date: Mon, 2 Dec 2002 20:44:38 +1100
User-agent: Mutt/1.3.28i

On 02-Dec-2002, Gopal V <address@hidden> wrote:
> If memory serves me right, Fergus Henderson wrote:
> > AFAIK pnetC and other C/C++ compilers for .NET (lcc, MSVC) all generate
> > unverifiable IL code, in general.  So they don't provide any security
> > guarantees.
> Unsafe , not unverifiable ...

Well, it's both unsafe and unverifiable.

> Unsafe code can mess up memory, and segfault
> like any other C code .. If you use C/C++ , you already got a gun locked 
> on to your foot ... :-)

Not necessarily.  I believe there are error-checking C interpreters
around, that can provide safe execution of C code.  It's just that
pnetC isn't one of them, AFAIK, and nor are any of the other C
implementations that generate .NET IL.

> All the security guarantees it can provide as the usual provided by any 
> VM .. blocking native calls, checking for permissions to a library , and
> isolated file storage ..

That doesn't help, because unverifiable IL code can write to arbitrary
memory locations and can as a result cause the VM interpreter to execute
arbitrary machine code.

Fergus Henderson <address@hidden>  |  "I have always known that the pursuit
The University of Melbourne         |  of excellence is a lethal habit"
WWW: <>  |     -- the last words of T. S. Garp.

reply via email to

[Prev in Thread] Current Thread [Next in Thread]