[kaffe] Idea for a security compatible JIT
stack at cs.utah.edu
Mon Oct 4 09:59:35 PDT 2004
> (I'm not subscribed, and I won't help you past this message, but it'd be
> nice to know you're working on this :)
> Please respond, even if just to say you read the message. :) I'm
> interested in knowing whether or not you're interested in exploring this
> idea at all; although this is all the information I can offer (I can't
> help you rewrite your JVM or anything).
> I've been looking at JVM and JIT for a while, and earlier today realized
> that the problems I've encountered are completely solvable so that a
> JIT, in the presence of flaws which cause it to produce poor code that
> can be exploited, can run under a secured system which imposes
> restrictions making current JIT methods impossible. Such a system would
> mitigate many of such security flaws.
I think mono kinda does this already, generating shared libraries with the
JIT and then loading them in. In fact, I would imagine most schemes for
caching jitted code work this way as well. It would be nice to have in
kaffe, it just never struck anyones fancy I guess...
More information about the kaffe