[kaffe] Idea for a security compatible JIT

Timothy Stack stack at cs.utah.edu
Mon Oct 4 09:59:35 PDT 2004


> (I'm not subscribed, and I won't help you past this message, but it'd be
> nice to know you're working on this :)
> 
> Please respond, even if just to say you read the message.  :)  I'm
> interested in knowing whether or not you're interested in exploring this
> idea at all; although this is all the information I can offer (I can't
> help you rewrite your JVM or anything).
> 
> I've been looking at JVM and JIT for a while, and earlier today realized
> that the problems I've encountered are completely solvable so that a
> JIT, in the presence of flaws which cause it to produce poor code that
> can be exploited, can run under a secured system which imposes
> restrictions making current JIT methods impossible.  Such a system would
> mitigate many of such security flaws.
[stuff deleted]

I think mono kinda does this already, generating shared libraries with the 
JIT and then loading them in.  In fact, I would imagine most schemes for 
caching jitted code work this way as well.  It would be nice to have in 
kaffe, it just never struck anyones fancy I guess...

tim stack




More information about the kaffe mailing list