[Date Prev][Date Next][Thread Prev][Thread Next]
- Subject: Re: future of bytecode verifier
- From: Luiz Henrique de Figueiredo <lhf@...>
- Date: Wed, 4 Mar 2009 17:21:56 -0300
> If possible, pulling the bytecode verifier to an external library
> would be useful... that way it could be optional.
The whole point is that providing a bytecode verifier that is flawed
(even if it's only in malicious code) gives you an illusion of safety.
And this is as bad, or actually worse, than having no verifier.