At 10:17 PM +0000 10/30/02, Kv Org wrote: >On Tue, 29 Oct 2002 09:55:23 -0800, Chromatic wrote: >> >>I'd really like to be able to save comments from >>source files as metadata. This has at least two >>potential benefits. First, it >makes it much easier >>to recreate the whole file from bytecode (especially >>refactored bytecode). >>Second, it makes it possible to pull out method >>documentation in the Smalltalk or Python sense. >> >> Maybe metadata's not the place for this, but it >>seems rather natural to me. > >I always thought metadata in bytecode was the place >for storing security/permission/capability related >information about the compiled chunk. If we want Perl6 >and Parrot to handle security and limited code >sandboxes better than Perl5's Safe.pm, this is a basic >requirement. Unfortunately not. (Though I really, *really* wish this was the case) The bytecode data, all of it, must be considered completely untrustworthy unless explicitly (and out-of-bandly) marked otherwise. The code segment that invokes a stronger security context can be considered out of band in this context, as it is for the code running in the secure The interpreter engine is responsible for enforcing security. It *must*, when running with security turned on, assume that all bytecode has been written by malicious vermin with too much time on their hands and the morals (and ethics) of a rabid weasel. It just can't be trusted, unfortunately. (Parrot bytecode is inherently unverifiable as well, at least in the general case, which exacerbates the problem) -- Dan --------------------------------------"it's like this"------------------- Dan Sugalski even samurai dan@sidhe.org have teddy bears and even teddy bears get drunkThread Previous | Thread Next