1995-10-10 - Re: java security concerns

Header Data

From: cman@communities.com (Douglas Barnes)
To: cypherpunks@toad.com
Message Hash: e404f0cfc9be7af0592ce79341d454f730f221d4fec6ca613e27517d1a3590cd
Message ID: <v02120d03aca05dde70fb@[199.2.22.120]>
Reply To: N/A
UTC Datetime: 1995-10-10 16:39:04 UTC
Raw Date: Tue, 10 Oct 95 09:39:04 PDT

Raw message

From: cman@communities.com (Douglas Barnes)
Date: Tue, 10 Oct 95 09:39:04 PDT
To: cypherpunks@toad.com
Subject: Re: java security concerns
Message-ID: <v02120d03aca05dde70fb@[199.2.22.120]>
MIME-Version: 1.0
Content-Type: text/plain



Simon Spero wrote:
>In my previous message, I left out some fundamental parts of the run-time
>that need to be looked at carefully. The garbage collection needs to be
>examined carefully. Normally GC algorithms are formally derived, so it's
>the implementation that needs to be checked for. holes in the GC may be
>too unpredictable to exploit for anything but core-dumping, especially since
>java uses a mark-sweep conservative collector.
>

FWIW, we had some ideas about how to attack the GC from untrusted code,
involving resurrection of objects during finalization. This turned out
not to work -- the Javoids apparently anticipated this problem in their
design.







Thread