SEC: object security

Raul Deluth Miller
Mon, 31 Oct 1994 15:41:29 -0500

Francois-Rene Rideau:
. But with this protection scheme, we need be sure binaries won't
. forge object handles. That's why the system should only run binaries
. with some secure PGP signature, that only a safe compiler can
. produce.

Um.. for a compiler to produce "safe binaries" it's going to have to
be very careful about run time errors, like array bounds checking.
Basically, you can't expose the architecture of the operating system
to the compiler -- which implies that we need another compiler (or a
compiler option?) to produce "unsafe binaries" to get the system

Raul D. Miller           n =: p*q             NB. 9<##:##:n [.large prime p, q
<>  y =: n&|&(*&x)^:e 1  NB. -.1 e.e e.&factors<:p,q [.e<n
                         NB.  public e, n, y
                         x -: n&|&(*&y)^:d 1  NB. 1=(d*e)+.p*&<:q