[Seaside] Seaside playground
stephane.ducasse at free.fr
Wed Jan 13 08:16:34 UTC 2010
I asked gwenael to see what can be done with his infrastructure and after the tools deadline I will really ask him
to use it as a casestudy.
same for jean-baptiste
On Jan 12, 2010, at 10:12 AM, Lukas Renggli wrote:
>> could they use your trick with using the debugger to interpret bytecode you did years ago.
> Yes, that would make it slightly more secure, because one could also
> check also the calls within the code and the receivers and arguments.
> As with all the previous improvements, this will just make it slightly
> more time consuming to find a working exploit. A highly reflective and
> unsecured system like Smalltalk cannot be protected like that. If the
> language doesn't provide the infrastructure to be secure (for example
> through immutable objects, special execution environments, etc.) this
> is not reasonably possible
> Lukas Renggli
> seaside mailing list
> seaside at lists.squeakfoundation.org
More information about the seaside