SEC: object security
Raul Deluth Miller
rockwell@nova.umd.edu
Mon, 31 Oct 1994 15:41:29 -0500
Francois-Rene Rideau:
. But with this protection scheme, we need be sure binaries won't
. forge object handles. That's why the system should only run binaries
. with some secure PGP signature, that only a safe compiler can
. produce.
Um.. for a compiler to produce "safe binaries" it's going to have to
be very careful about run time errors, like array bounds checking.
Basically, you can't expose the architecture of the operating system
to the compiler -- which implies that we need another compiler (or a
compiler option?) to produce "unsafe binaries" to get the system
working.
--
Raul D. Miller           n =: p*q             NB. 9<##:##:n [.large prime p, q
<rockwell@nova.umd.edu>  y =: n&|&(*&x)^:e 1  NB. -.1 e.e e.&factors<:p,q [.e<n
                                              NB. public e, n, y
                         x -: n&|&(*&y)^:d 1  NB. 1=(d*e)+.p*&<:q