Le Lundi 31 Juillet 2006 18:36, Bert Freudenberg a écrit :
> Am 30.07.2006 um 06:15 schrieb Ron Teitelbaum:
> > Hello all,
> >
> > I’m currently working on a TLS / SSL implementation and on windows
> > I am planning to support the Certificate Store that is built in.
> > This requires me to use the CryptoAPI dlls.
>
> Well ... FFI is inherently unsafe - it allows to call any C function
> in any library. So depending on the area of application this might be
> a problem, since you're giving up the relative safety of a VM-based
> system. For example, if the VM's sandbox is enabled, FFI calls are
> disallowed, so you could not use crypto in a sandboxed environment.
>
> - Bert -

FFI is unsafe of course as C code is unsafe.
But you have to explain why a plugin would be safer.

In the plugin case, user has to deal with pointers on data too, he has to do 
conversions by hands where FFI would automate part of this process and he has 
to be extremely carefull with object creation that might break previously 
collected pointers in Smalltalk space.

IMHO, plugins are harder to write than FFI calls.

So, the plugin are maybe safer because only a few well experienced and well 
behaved programmers dare jump the hurd, in a word because it is rarely 
used...

I am exagerating a bit of course. Am i?

Nicolas