[kaffe] Re: Idea for a security compatible JIT

Tony Wyatt wyattaw at optushome.com.au
Mon Oct 4 16:17:06 PDT 2004


Hi Timothy,

On 10/04/2004, you wrote:

>> I've been looking at JVM and JIT for a while, and earlier today realized
>> that the problems I've encountered are completely solvable so that a
>> JIT, in the presence of flaws which cause it to produce poor code that
>> can be exploited, can run under a secured system which imposes
>> restrictions making current JIT methods impossible.  Such a system would
>> mitigate many of such security flaws.
> 
> I think mono kinda does this already, generating shared libraries with the
> JIT and then loading them in. In fact, I would imagine most schemes for
> caching jitted code work this way as well. It would be nice to have in
> kaffe, it just never struck anyones fancy I guess...
> 
It certainly is one approach to the caching problem that I've wanted to try
under AmigaOS - write the code as a shareable library to RAM Disk:, set the
protection bits as an executable file, then run it under the OS, with full
access to system facilities and security.

cheers





More information about the kaffe mailing list