From: Alex Baretta <alex@barettadeit.com>
To: Ocaml <caml-list@inria.fr>
Subject: Re: [Caml-list] Securely loading and running untrusted modules
Date: Tue, 05 Apr 2005 16:09:26 +0200 [thread overview]
Message-ID: <42529C16.4070604@barettadeit.com> (raw)
In-Reply-To: <20050405131608.GB5103@furbychan.cocan.org>
Richard Jones wrote:
> On Tue, Apr 05, 2005 at 09:55:32PM +0900, Nicolas Cannasse wrote:
>
>>I think that current VM is optimized for speed and doesn't do more bytecode
>>checking than strictly necessary. That means that someone could forge some
>>bytecode file that would take control of the VM and then can call the whole
>>C api. Tricky, but feasible.
>
>
> I'm hoping that by compiling from source I'll avoid any bytecode
> attacks. Is there a way to generate faulty bytecode from a source
> file?
>
> Rich.
alex@alex:~$ ocaml
Objective Caml version 3.08.2
# external pizza : 'a -> 'b = "%identity";;
external pizza : 'a -> 'b = "%identity"
# pizza 1 = "pasta";;
Segmentation fault
--
*********************************************************************
http://www.barettadeit.com/
Baretta DE&IT
A division of Baretta SRL
tel. +39 02 370 111 55
fax. +39 02 370 111 54
Our technology:
The Application System/Xcaml (AS/Xcaml)
<http://www.asxcaml.org/>
The FreerP Project
<http://www.freerp.org/>
next prev parent reply other threads:[~2005-04-05 14:09 UTC|newest]
Thread overview: 11+ messages / expand[flat|nested] mbox.gz Atom feed top
2005-04-05 12:14 Richard Jones
2005-04-05 12:55 ` [Caml-list] " Nicolas Cannasse
2005-04-05 13:16 ` Richard Jones
2005-04-05 14:09 ` Alex Baretta [this message]
[not found] ` <42529C01.2080609@barettadeit.com>
2005-04-05 14:17 ` Richard Jones
2005-04-05 14:36 ` Jacques Garrigue
2005-04-05 20:58 ` sejourne_kevin
2005-04-05 21:02 ` Jacques Garrigue
2005-04-06 7:59 ` sejourne_kevin
2005-04-05 14:38 ` Virgile Prevosto
2005-04-05 14:40 ` Daniel Bünzli
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=42529C16.4070604@barettadeit.com \
--to=alex@barettadeit.com \
--cc=caml-list@inria.fr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox