java security concerns
Douglas Barnes
cman at communities.com
Tue Oct 10 09:39:04 PDT 1995
Simon Spero wrote:
>In my previous message, I left out some fundamental parts of the run-time
>that need to be looked at carefully. The garbage collection needs to be
>examined carefully. Normally GC algorithms are formally derived, so it's
>the implementation that needs to be checked for. holes in the GC may be
>too unpredictable to exploit for anything but core-dumping, especially since
>java uses a mark-sweep conservative collector.
>
FWIW, we had some ideas about how to attack the GC from untrusted code,
involving resurrection of objects during finalization. This turned out
not to work -- the Javoids apparently anticipated this problem in their
design.
More information about the cypherpunks-legacy
mailing list