Version française
Home     About     Download     Resources     Contact us    
Browse thread
Securely loading and running untrusted modules
[ Home ] [ Index: by date | by threads ]
[ Search: ]

[ Message by date: previous | next ] [ Message in thread: previous | next ] [ Thread: previous | next ]
Date: -- (:)
From: Alex Baretta <alex@b...>
Subject: Re: [Caml-list] Securely loading and running untrusted modules
Richard Jones wrote:
> On Tue, Apr 05, 2005 at 09:55:32PM +0900, Nicolas Cannasse wrote:
> 
>>I think that current VM is optimized for speed and doesn't do more bytecode
>>checking than strictly necessary. That means that someone could forge some
>>bytecode file that would take control of the VM and then can call the whole
>>C api. Tricky, but feasible.
> 
> 
> I'm hoping that by compiling from source I'll avoid any bytecode
> attacks.  Is there a way to generate faulty bytecode from a source
> file?
> 
> Rich.

alex@alex:~$ ocaml
         Objective Caml version 3.08.2

# external pizza : 'a -> 'b = "%identity";;
external pizza : 'a -> 'b = "%identity"
# pizza 1 = "pasta";;
Segmentation fault


-- 
*********************************************************************
http://www.barettadeit.com/
Baretta DE&IT
A division of Baretta SRL

tel. +39 02 370 111 55
fax. +39 02 370 111 54

Our technology:

The Application System/Xcaml (AS/Xcaml)
<http://www.asxcaml.org/>

The FreerP Project
<http://www.freerp.org/>