cryptoanarchy.wiki

Arise, you have nothing to lose but your barbed wire fences!

1996-01-24 - Re: Hack Java

Header Data

From: heesen@zpr.uni-koeln.de (Rainer Heesen)
To: cypherpunks@toad.com
Message Hash: b5265f2820a79f6a069ffd26383de00b499b39db80ec9606835c978a75479f7f
Message ID: <9601240930.ZM24939@Sysiphos.MI.Uni-Koeln.DE>
Reply To: <199601240433.RAA30064@bats.comp.vuw.ac.nz>
UTC Datetime: 1996-01-24 09:07:39 UTC
Raw Date: Wed, 24 Jan 1996 17:07:39 +0800

Raw message

From: heesen@zpr.uni-koeln.de (Rainer Heesen)
Date: Wed, 24 Jan 1996 17:07:39 +0800
To: cypherpunks@toad.com
Subject: Re: Hack Java
In-Reply-To: <199601240433.RAA30064@bats.comp.vuw.ac.nz>
Message-ID: <9601240930.ZM24939@Sysiphos.MI.Uni-Koeln.DE>
MIME-Version: 1.0
Content-Type: text/plain


On Jan 24,  5:33pm, Matthew Sheppard wrote:
> Aside from memory management in java being internal to the virtual
> machine as covered in other posts  Java is a strongly typed language.
> There is no notion of void * (pointers that point to anything) and the
> current implementation ensures the pointer is either null or valid.
>
> Even if you could the current implementation disallows any pointer
> arithmetic at all! i.e no pointer++;
>
>-- End of excerpt from Matthew Sheppard

I think the mentioned security hole is not a source level problem. The question
is how will the Java interpreter act, if there is a patched applet. Is there
any control of pointer assignments?


- Rainer

---

 RAINER HEESEN
 Adresse:    Zentrum fuer Paralleles Rechnen
             Universitaet zu Koeln
             50923 Koeln
 Telefon:    +49 221 470 6021
 Fax:        +49 221 470 5160
 eMail:      heesen@zpr.uni-koeln.de
 WWW:        http://www.zpr.uni-koeln.de/~heesen/

Thread