Squeak VM stability?
Mathieu Suen
mathk.sue at gmail.com
Fri Dec 28 23:22:27 UTC 2007
Hi,
On Dec 28, 2007, at 10:41 PM, Michael van der Gulik wrote:
> Hi all.
>
> Is the policy of the VM makers (whoever they currently are) to
> prevent the VM from crashing, particularly when given malicious
> bytecodes?
Perhaps on way to solve the problem is to avoid loading bytecode,
instead load the source code that is compiled with a trust compiler.
In Smalltalk the bytecode can be easily decompile so if the intension
is to hide the code it doesn't worth loadin bytecode.
>
>
> This is a general question, mostly related to http://bugs.squeak.org/view.php?id=1395
> which is now closed. Is it considered a bug if I can crash the VM
> with a maliciously crafted method?
>
> Which direction would the Squeak community want to go in? Should we
> aim to have a VM that would never seg fault and dump core (or blue
> screen under Windows), regardless of what rubbish is fed to it?
> Doing extra sanity checks and bounds checking would possibly have a
> performance penalty.
>
> Regards,
> Gulik.
>
> --
> http://people.squeakfoundation.org/person/mikevdg
> http://gulik.pbwiki.com/
Mth
More information about the Squeak-dev
mailing list
|