harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Ben Laurie <...@algroup.co.uk>
Subject Re: Java Security for Harmony
Date Wed, 11 May 2005 09:36:09 GMT
Tom Tromey wrote:
>>>>>>"Ben" == Ben Laurie <ben@algroup.co.uk> writes:
> 
> 
>>>A few short & sweet reasons see
>>>http://fpl.cs.depaul.edu/cpitcher/se573/lectures/lecture-07.html#slide013
> 
> 
> Ben> So its an optimisation (and therefore optional), right?
> 
> Yes.  Though in practice it is probably necessary to get acceptable
> performance.
> 
> Without a verifier you must track the types of everything on the stack
> and in local variables (if you have a verifier you don't need to do
> this), and do assignability checks on arguments to all method calls,
> qualifying reference for a field lookup, etc.

This might be acceptable for a lightweight JVM, though, so we should 
rule it out.

Also, curious to know - what about out-of-band verifiers? So, for 
example, I verify something on my PC, sign it as verified, then run it 
on a Palm, with no verification?

Cheers,

ben.

-- 
http://www.apache-ssl.org/ben.html       http://www.thebunker.net/

"There is no limit to what a man can do or how far he can go if he
doesn't mind who gets the credit." - Robert Woodruff

Mime
View raw message