And since you bring up Java, I guess JITs are not possible on HA.

Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/
http://blogs.pcmag.com/securitywatch/
Contributing Editor, PC Magazine
[EMAIL PROTECTED]

-----Original Message-----
From: Richard M. Smith [mailto:[EMAIL PROTECTED]
Sent: Thursday, July 17, 2008 6:40 PM
To: 'Drsolly'; Larry Seltzer
Cc: funsec@linuxbox.org; [EMAIL PROTECTED]
Subject: RE: [funsec] Texas Bank Dumps Antivirus for Whitelisting

Code bytes only get security measures supported by the hardware. Data bytes can be subjected to additional security checks. For example, a JVM can implement a security model of its choosing for P-code. (From the viewpoint of the real CPU, P-Code is not instructions but just data bytes that get processed like any other data.)

Richard

-----Original Message-----
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Drsolly
Sent: Thursday, July 17, 2008 6:21 PM
To: Larry Seltzer
Cc: funsec@linuxbox.org; [EMAIL PROTECTED]
Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting

On Thu, 17 Jul 2008, Larry Seltzer wrote:

> >> Harvard architecture, unlike von Neumann architecture, had a strict
> >> separation of program and data store and representation. It would
> >> have been impossible for a program to modify its own or other
> >> executable material. Data was not executable, so SQL injection and
> >> XSS would have been impossible. (So would a lot of other things,
> >> but ...)
>
> I'm not a real computer scientist, I just play one online, but this
> isn't how I thought it worked. SQL isn't actually executable code, it's
> just data that program code uses in order to decide what to execute. A
> program in a Harvard architecture is capable of going "if x==1 then
> do_this() else if x==2 then do_that(); etc(),etc(),etc()" - can't it?
>
> Things like buffer overflows would be impossible with a Harvard
> architecture, but I don't see why SQL injection or Trojan horse programs
> or many other malicious items would be any less likely.

What's the difference between bytes that are executable, and bytes that are used by the computer to decide what to do?

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.
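
Added example, not part of the original thread: a toy interpreter in Python illustrating the point made above that P-code is only data bytes to the real CPU, so the interpreter can apply a security model of its own choosing before acting on them. The opcode set, the SANDBOX policy and the sample byte strings are constructed for illustration and are not the JVM's.

```python
# Constructed toy P-code: one opcode byte, optionally followed by one operand byte.
PUSH, ADD, PRINT, SENSITIVE, HALT = 0x01, 0x02, 0x03, 0x04, 0xFF
OPERAND_LEN = {PUSH: 1, ADD: 0, PRINT: 0, SENSITIVE: 0, HALT: 0}
SANDBOX = frozenset({PUSH, ADD, PRINT, HALT})  # policy chosen by the interpreter


class PolicyViolation(Exception):
    """Raised when a byte stream breaks the interpreter's rules."""


def verify(pcode, allowed):
    """Check every instruction before any of it runs."""
    pc = 0
    while pc < len(pcode):
        op = pcode[pc]
        if op not in OPERAND_LEN:
            raise PolicyViolation(f"unknown opcode 0x{op:02x} at offset {pc}")
        if op not in allowed:
            raise PolicyViolation(f"opcode 0x{op:02x} at offset {pc} not permitted")
        pc += 1 + OPERAND_LEN[op]
    if pc != len(pcode):
        raise PolicyViolation("truncated operand at end of stream")


def run(pcode, allowed=SANDBOX):
    """Interpret verified P-code; returns (printed values, sensitive actions)."""
    verify(pcode, allowed)
    stack, printed, actions, pc = [], [], [], 0
    while pc < len(pcode):
        op = pcode[pc]
        try:
            if op == PUSH:
                stack.append(pcode[pc + 1])
            elif op == ADD:
                stack.append(stack.pop() + stack.pop())
            elif op == PRINT:
                printed.append(stack.pop())
            elif op == SENSITIVE:
                actions.append(stack.pop())  # stand-in for a privileged operation
            elif op == HALT:
                break
        except IndexError:
            raise PolicyViolation(f"stack underflow at offset {pc}") from None
        pc += 1 + OPERAND_LEN[op]
    return printed, actions


# Constructed sample programs: plain bytes as far as the real CPU is concerned.
BENIGN = bytes([PUSH, 2, PUSH, 3, ADD, PRINT, HALT])
UNTRUSTED = bytes([PUSH, 7, SENSITIVE, HALT])
```

run(BENIGN) returns ([5], []), while run(UNTRUSTED) raises PolicyViolation under the default SANDBOX policy; the same bytes run only when the caller passes a policy that permits the SENSITIVE opcode.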