In message <Pine.LNX.4.21.0008301721210.8315-100000 at balloon.cs.uni-magdeburg.de>
          Bert Freudenberg <bert at isg.cs.uni-magdeburg.de> wrote:

> On Wed, 30 Aug 2000, Ian Piumarta wrote:
> 
> > > > Since FFI is a major security risc I normally don't want it to 
> > > > be compiled into the VM. I also set SQUEAK_SECURE.  Am I paranoid? ;-)
> > 
> > It's not really that much more of a risk than the current named prims,
> > which give access to every single system call on the machine from
> > within Squeak.  (It just makes passing arguments to them a little less
> > problematic.)
> 
> Really? I thought with the non-FFI prims you can only load Squeak modules,
> which are distinguished by defining setInterpreter. It should not be
> possible to load any other shared object. And for the VM itself, the only
> the tables are used, not dlsym.
That is supposed to be the behaviour but this ld.so thingy is being too
'helpful'. On less 'helpful' platforms, a random OS or VM function
cannot be called. Personally, I find that reassuring.

tim

-- 
Tim Rowledge, tim at sumeru.stanford.edu, http://sumeru.stanford.edu/tim
Klingon Code Warrior:- 1) "Behold, the keyboard of Kalis!  The greatest Klingon code warrior that ever lived!"