harmony-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Tom Tromey <tro...@redhat.com>
Subject Re: Java Security for Harmony
Date Wed, 11 May 2005 18:13:13 GMT
>>>>> "Ben" == Ben Laurie <ben@algroup.co.uk> writes:

Ben> Also, curious to know - what about out-of-band verifiers? So, for
Ben> example, I verify something on my PC, sign it as verified, then run it
Ben> on a Palm, with no verification?

My understanding was that there is a new kind of "split verification",
where a pre-verifier (or the compiler itself) emits type tables as
attributes in the bytecode.  These type tables make verification much
more efficient, as all the special 'jsr' handling and type merging
stuff can just go away.

I haven't heard whether there is a defined way to sign bytecode to
avoid the need for any kind of verification.

I don't think there's any deep reason that verification needs to be
done in an explicit way.  For instance, hypothetically you could have
a VM that looks up a class' byte[] representation in a database of
known-valid classes, and then only does the full verification if it is
not seen.  (This is not completely trivial due to class loading
oddities, but it could be done by deferring some kinds of type
checking, as gcj does.)


View raw message