[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Help-smalltalk] [PATCH]Remove security framework

From: Gwenaël Casaccio
Subject: Re: [Help-smalltalk] [PATCH]Remove security framework
Date: Sun, 13 Jan 2013 12:34:26 +0100
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130106 Thunderbird/17.0.2

On 13/01/2013 08:56, Holger Hans Peter Freyther wrote:
On Sun, Jan 13, 2013 at 01:18:31AM +0100, Gwenaël Casaccio wrote:

Here is a patch that removes the security framework from the vm side
and the smalltalk side. It needs a review before applying.
What are the arguments to remove this code from the kernel/ and from
the vm/? Is the code in the vm hard to maintain? is the framework broken?
or is the policy framework just outdated?

Security in object based languages should be based on the capability model (
And as Paolo says it was never really used.

If I need security in Smalltalk, I would implement something like the e language model. It's more "smalltalkish", no global authority, just message sending. And a better security model also imply a better modular kernel, better module system, compiler, ...

-  p.untrustedContext = IS_OOP_UNTRUSTED (_gst_this_context_oop);
+  p.untrustedContext = false;
What is the reason to leave the untrustedContext around?

Thanks I will remove it

help-smalltalk mailing list

reply via email to

[Prev in Thread] Current Thread [Next in Thread]