Important read for jos kernel developers:

        http://www.research.att.com/~vj/bug.html

It appears as though it is possible for _verified_ code to crash a JVM
by spoofing one class with another.

On a related topic, I don't think it has been discussed here that
un-verified code can crash a JVM. The Java language stops you from doing
stupid things but the JVM does not (when verification is turned off). It
is possible to craft a Java class from hand-written bytecodes that will
crash a JVM if it is not checked by the verifier.

Interestingly, the verifier is only executed on applets. Applications
will not be verified unless you explicitly ask for this to happen. This
is because loading a class takes significantly longer if it needs to be
verified.

Since the kernel provides no memory protection (following the assumption
that Java code can't corrupt memory) and since there is only one JVM
instance for the whole operating system, we must verify all code that is
to be executed, otherwise one program can bring down the whole system.
It would be useful if the JVM could remember if it has already verified
a particular class so each class is only ever verified once -- until
that class file is changed.

-- 
Ryan Heise

http://www.progsoc.uts.edu.au/~rheise/

_______________________________________________
Kernel maillist  -  [EMAIL PROTECTED]
http://jos.org/mailman/listinfo/kernel
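
The verify-once idea from the last paragraph of the message above, as an added example (not code from the original post or from the JOS project). It assumes a hypothetical Verifier hook in place of the real bytecode verifier, and that a verification result depends only on the class-file bytes. The cache is keyed on a SHA-256 of the exact bytes being loaded rather than on the class name or file timestamp, so a changed or substituted class file never inherits an earlier "verified" result.

```java
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Base64;
import java.util.Set;
import java.util.concurrent.ConcurrentHashMap;

public class VerifyOnceCache {
    /** Hypothetical hook standing in for the JVM's bytecode verifier. */
    interface Verifier { boolean verify(byte[] classBytes); }

    private final Set<String> verified = ConcurrentHashMap.newKeySet();
    private final Verifier verifier;
    int verifierRuns = 0; // counter for the demo below

    VerifyOnceCache(Verifier verifier) { this.verifier = verifier; }

    // Cache key is the SHA-256 of the exact bytes, so any change to the
    // class file produces a new key and forces re-verification.
    static String digest(byte[] classBytes) throws NoSuchAlgorithmException {
        byte[] d = MessageDigest.getInstance("SHA-256").digest(classBytes);
        return Base64.getEncoder().encodeToString(d);
    }

    /** Returns true only if these bytes have passed the verifier, now or earlier. */
    boolean admit(byte[] classBytes) throws NoSuchAlgorithmException {
        String key = digest(classBytes);
        if (verified.contains(key)) return true;        // already verified, skip the cost
        verifierRuns++;
        if (!verifier.verify(classBytes)) return false; // rejections are never cached
        verified.add(key);
        return true;
    }

    public static void main(String[] args) throws Exception {
        // Toy verifier (assumption): checks only the 0xCAFEBABE magic number.
        Verifier toy = b -> b.length >= 4 && (b[0] & 0xFF) == 0xCA
                && (b[1] & 0xFF) == 0xFE && (b[2] & 0xFF) == 0xBA && (b[3] & 0xFF) == 0xBE;
        VerifyOnceCache cache = new VerifyOnceCache(toy);
        // Constructed sample "class files": same magic, one trailing byte differs.
        byte[] v1 = {(byte) 0xCA, (byte) 0xFE, (byte) 0xBA, (byte) 0xBE, 1};
        byte[] v2 = {(byte) 0xCA, (byte) 0xFE, (byte) 0xBA, (byte) 0xBE, 2};
        byte[] bad = {0, 1, 2, 3};
        System.out.println(cache.admit(v1) + " " + cache.admit(v1)); // second call is a cache hit
        System.out.println(cache.admit(v2));                         // changed file: verified again
        System.out.println(cache.admit(bad) + " " + cache.admit(bad)); // verifier runs each time
        System.out.println("verifier runs: " + cache.verifierRuns);
    }
}
```

The bytes passed to admit() must be the same array that is then handed to the class-definition step; hashing one copy and defining another reopens the gap the cache is meant to close.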
