asqueaker at gmail.com
Thu Mar 18 01:23:16 UTC 2010
> In SecureSqueak, direct invasive object access using basicAt:put:,
> at:put: and so forth will be disallowed.
I've always wondered what good this would do, blocking particular
kinds of object-access api's. Couldn't an attacker easily just
(mis)use whatever legal-api to wreak havoc anyway?
More information about the Squeak-dev