Front page | perl.perl6.internals |
Postings from November 2002
At 10:17 PM +0000 10/30/02, Kv Org wrote:
>On Tue, 29 Oct 2002 09:55:23 -0800, Chromatic wrote:
>>
>>I'd really like to be able to save comments from
>>source files as metadata. This has at least two
>>potential benefits. First, it >makes it much easier
>>to recreate the whole file from bytecode (especially
>>refactored bytecode).
>>Second, it makes it possible to pull out method
>>documentation in the Smalltalk or Python sense.
>>
>> Maybe metadata's not the place for this, but it
>>seems rather natural to me.
>
>I always thought metadata in bytecode was the place
>for storing security/permission/capability related
>information about the compiled chunk. If we want Perl6
>and Parrot to handle security and limited code
>sandboxes better than Perl5's Safe.pm, this is a basic
>requirement.
Unfortunately not. (Though I really, *really* wish this was the case)
The bytecode data, all of it, must be considered completely
untrustworthy unless explicitly (and out-of-bandly) marked otherwise.
The code segment that invokes a stronger security context can be
considered out of band in this context, as it is for the code running
in the secure
The interpreter engine is responsible for enforcing security. It
*must*, when running with security turned on, assume that all
bytecode has been written by malicious vermin with too much time on
their hands and the morals (and ethics) of a rabid weasel. It just
can't be trusted, unfortunately. (Parrot bytecode is inherently
unverifiable as well, at least in the general case, which exacerbates
the problem)
--
Dan
--------------------------------------"it's like this"-------------------
Dan Sugalski even samurai
dan@sidhe.org have teddy bears and even
teddy bears get drunk
Thread Previous
|
Thread Next