You may be interested in the Singularity project (a research project at
Microsoft, no less). It (gasp!) abstracts away pointers; the IL used
for the entire OS (a subset of the CLR), the OS interface, et al. is
designed such that processes can be "proven" to be safe -- and all
process protection is done _without_ the use of any CPU hardware.
On Fri, 18 Aug 2006, Brad Parker wrote:
I think this whole discussion is at the wrong level. You need to free
yourself from the "C and pointers" mentality.
Why? Why should I tell myself that there are no pointers if in fact
pointers are in use? If I close my eyes will the processor stop
addressing memory? I don't think so.
If the userland application programming language didn't have pointers
and had dynamic type checking you might find the whole problem just
goes away.
No, it bloody well doesn't. Security has never magically appeared. You
can't give up pointers for lent and discover you've become hackerproof.
pointers are not your friend unless you are programming in assembler
(and believe me, C is just a nice portable assembler)
jump up a few levels. abstraction is your friend.
Abstraction does not stop someone from using the raw capabilities of
the machine. Only by taking away the ability to write to protected
memory can you achieve security.
(oh, and there is my "useless, off topic, and confused" posting for the
month. just to stay on quota :-)
Seriously.
Alexey