On 31-Jul-06, at 1:43 PM, Ron Teitelbaum wrote:

> Tim,
>
> Shall I take this to mean that removing the compiler is possible

Certainly should be.

> and would
> be enough to prevent new code from entering the system?

Ah, well since one could install compiled methods from a  
SmartRefStream or by loading a project (neither of which need the  
compiler so far as I recall), or indeed by assembling one from a  
simple array of bytes, I suspect it will take a bit more to be really  
secure.

You could for example tweak Behavior addSelector:withMethod: (and  
maybe others? I hope not) so that no new method can be installed in a  
method dictionary and also remove methods like Object  
withArgs:executeMethod: that will run a compiled method directly.

tim
--
tim Rowledge; tim at rowledge.org; http://www.rowledge.org/tim
Strange OpCodes: NBR: Unconditional No BRanch