Howdy,

> As another example, say we want to restrict access in a sandbox to a
> handful of objects. If Lorito permits pointer arithmetic, it could
> become very tricky to guess where things will wind up pointing.
>
> Both of these examples leave us in a bad situation: either permit
> possibly unsafe operations, or explain to users what hoops they have
> to jump through to get their bytecode to validate as safe.

I am very interested in making our security layer as robust as possible. Would the problems that you describe be mitigated by having runloops that have certain opcodes removed? That way, if some funny business happens via a security hole, the worst a malicious attacker could do is generate a missing opcode error, instead of possibly running arbitrary code.

Duke

--
Jonathan "Duke" Leto
[email protected]
http://leto.net
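
The idea raised in the message above, a runloop whose dispatch table has some opcodes removed, sketched as an added example that is not part of the original post and is not Parrot or Lorito code. The opcode names, the `vm_t` layout and the return codes are all hypothetical.

```c
#include <stddef.h>

/* Hypothetical toy opcodes; not Parrot's or Lorito's real opcode set. */
enum { OP_HALT, OP_PUSH, OP_ADD, OP_PEEK, OP_COUNT };
enum { RUN_OK = 0, RUN_MISSING_OPCODE = -1, RUN_FAULT = -2 };

typedef struct { long stack[16]; int sp; size_t pc; long heap[4]; } vm_t;
typedef int (*op_fn)(vm_t *vm, const long *code, size_t len);

static int op_push(vm_t *vm, const long *code, size_t len) {
    if (vm->pc >= len || vm->sp >= 16) return RUN_FAULT;
    vm->stack[vm->sp++] = code[vm->pc++];   /* operand follows the opcode */
    return RUN_OK;
}
static int op_add(vm_t *vm, const long *code, size_t len) {
    (void)code; (void)len;
    if (vm->sp < 2) return RUN_FAULT;
    vm->sp--;
    vm->stack[vm->sp - 1] += vm->stack[vm->sp];
    return RUN_OK;
}
/* Stands in for a memory-access op that a sandbox would not expose. */
static int op_peek(vm_t *vm, const long *code, size_t len) {
    (void)code; (void)len;
    if (vm->sp < 1) return RUN_FAULT;
    long i = vm->stack[vm->sp - 1];
    if (i < 0 || i >= 4) return RUN_FAULT;
    vm->stack[vm->sp - 1] = vm->heap[i];
    return RUN_OK;
}

/* Full runloop table versus one with OP_PEEK removed (NULL slot). */
static const op_fn full_ops[OP_COUNT]    = { NULL, op_push, op_add, op_peek };
static const op_fn sandbox_ops[OP_COUNT] = { NULL, op_push, op_add, NULL };

/* Runs code against a table; a removed or unknown opcode stops the loop. */
int run(const op_fn *ops, const long *code, size_t len, vm_t *vm) {
    vm->sp = 0; vm->pc = 0;
    while (vm->pc < len) {
        long op = code[vm->pc++];
        if (op == OP_HALT) return RUN_OK;
        if (op < 0 || op >= OP_COUNT || ops[op] == NULL)
            return RUN_MISSING_OPCODE;
        int rc = ops[op](vm, code, len);
        if (rc != RUN_OK) return rc;
    }
    return RUN_FAULT;   /* ran off the end without OP_HALT */
}
```

The restriction only covers what is dispatched through the table; handlers left in the sandboxed table still have to bounds-check their own operands, as `op_push` and `op_peek` do here.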
