[squeak-dev] Mirror primitives
Eliot Miranda
eliot.miranda at gmail.com
Mon Sep 7 23:33:51 UTC 2009
Eliot (phone)
On 7 Sep 2009, at 14:35, "Jecel Assumpcao Jr" <jecel at merlintec.com>
wrote:
> I would just like to mention that Self (and it is likely that Newspeak
> too, but I haven't looked) has mirror *objects* and not mirror
> *primitives*. Yes, these objects actually use primitives to get their
> work done but these primitives don't work for any objects other than
> mirrors (and if Self didn't have a global namespace for primitives,
> this
> check wouldn't even be necessary since non mirror objects wouldn't
> even
> have a way to try to invoke these primitives).
>
> The mirror objects operate on only one object that is stored as an
> "instance variable" when the mirror was created, so you can't pass
> random objects as parameters. To have a secure system you would only
> have to control the code that allows new mirrors to be created.
> Unfortunately, Self didn't do that but instead allows anybody to
> create
> a mirror on anybody else. It wouldn't be very hard to do, however. Of
> course, as has already been pointed out this wouldn't get you much in
> terms of security if you keep all the current holes that Squeak has.
>
Ok, that presents a straight-forward e xtension to the primitive
implementations (forgive typoes; I'm at the park + kids). If the
argument count is higher than the base primitive's we insist on the
receiver being a context who's receiver is the object to be acted
upon, e.g.
primitiveInstVarAt
(argumentCount > 2
and: [(self isIntegerObject: (self stackValue: argumentCount))
or: [(self isContext: (self stackValue: argumentCount))
not
or: [(self fetchPointer: ReceiverIndex ofObject: (self
stackValue: argumentCount)) ~= (self stackValue: 2)]]]]) ifTrue:
[^self primitiveFail].
....
then the mirror primitives are safe.
Yes?
> One possible objection to mirror objects is that you might need to
> create them exactly in situations where creating new objects might
> cause
> problems (low memory or certain kinds of bugs).
>
> http://bracha.org/mirrors.pdf has good background information for
> anybody having problems keeping up with this thread.
>
> -- Jecel
>
>
More information about the Squeak-dev
mailing list
|