[squeak-dev] Mirror primitives

Eliot Miranda eliot.miranda at gmail.com
Mon Sep 7 23:33:51 UTC 2009



Eliot (phone)

On 7 Sep 2009, at 14:35, "Jecel Assumpcao Jr" <jecel at merlintec.com>  
wrote:

> I would just like to mention that Self (and it is likely that Newspeak
> too, but I haven't looked) has mirror *objects* and not mirror
> *primitives*. Yes, these objects actually use primitives to get their
> work done but these primitives don't work for any objects other than
> mirrors (and if Self didn't have a global namespace for primitives,  
> this
> check wouldn't even be necessary since non mirror objects wouldn't  
> even
> have a way to try to invoke these primitives).
>
> The mirror objects operate on only one object that is stored as an
> "instance variable" when the mirror was created, so you can't pass
> random objects as parameters. To have a secure system you would only
> have to control the code that allows new mirrors to be created.
> Unfortunately, Self didn't do that but instead allows anybody to  
> create
> a mirror on anybody else. It wouldn't be very hard to do, however. Of
> course, as has already been pointed out this wouldn't get you much in
> terms of security if you keep all the current holes that Squeak has.
>

Ok, that presents a straight-forward e xtension to the primitive  
implementations (forgive typoes; I'm at the park + kids).  If the  
argument count is higher than the base primitive's we insist on the  
receiver being a context who's receiver is the object to be acted  
upon, e.g.

primitiveInstVarAt
     (argumentCount > 2
     and: [(self isIntegerObject: (self stackValue:  argumentCount))
              or: [(self isContext: (self stackValue:  argumentCount))  
not
              or: [(self fetchPointer: ReceiverIndex ofObject: (self  
stackValue:  argumentCount)) ~= (self stackValue: 2)]]]]) ifTrue:
             [^self primitiveFail].

      ....

then the mirror primitives are safe.

Yes?



> One possible objection to mirror objects is that you might need to
> create them exactly in situations where creating new objects might  
> cause
> problems (low memory or certain kinds of bugs).
>
> http://bracha.org/mirrors.pdf has good background information for
> anybody having problems keeping up with this thread.
>
> -- Jecel
>
>



More information about the Squeak-dev mailing list