Re: future of bytecode verifier

lua-l archive

[Date Prev][Date Next][Thread Prev][Thread Next] [Date Index] [Thread Index]

Subject: Re: future of bytecode verifier
From: Florian Weimer <fw@...>
Date: Wed, 04 Mar 2009 23:02:24 +0100

* Luiz Henrique de Figueiredo:

> The whole point is that providing a bytecode verifier that is flawed 
> (even if it's only in malicious code) gives you an illusion of safety.
> And this is as bad, or actually worse, than having no verifier.

You might also have to deal with PR fallout due to people disclosing
security vulnerabilities in the verifier, no matter how irrelevant
they are in practice.

References:
- future of bytecode verifier, Luiz Henrique de Figueiredo
- Re: future of bytecode verifier, A.
- Re: future of bytecode verifier, Thomas Harning
- Re: future of bytecode verifier, Luiz Henrique de Figueiredo

Prev by Date: Re: future of bytecode verifier
Next by Date: Re: OSX and loadlib
Previous by thread: Re: future of bytecode verifier
Next by thread: Re: future of bytecode verifier
Index(es):
- Date
- Thread