Re: Linux for JavaVM

H. Peter Anvin (hpa@transmeta.com)
17 Jan 1997 19:51:24 GMT

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Nicolas Lichtmaier: "The kernel should try /sbin/sulogin first."
Previous message: Michael Driscoll: "Re: modutils970116/routing"

Followup to: <5bi7jd$2gd$1@work.smurf.noris.de>
By author: smurf@noris.de (Matthias Urlichs)
In newsgroup: linux.dev.kernel
> >
> Yes: you are wrong. The bytecode does NOT support such C features as
> "dereference an arbitrary pointer". The Java VM is supposed to afford a
> safe, "boxed", environment for arbitrary Java code snippets. You can't do
> that if you would ever allow the bytecode equivalent of perfectly-legal C
> code such as "*(char *)0x123456 = 0x78" to run.
>

Sure you can. You just have to either make sure 0x123456 is a memory
location the applet is allowed to access, or fault. This is a
function of the byte code interpreter. The Linux kernel allows C
programs to do *(char *)0x123456 = 0x78; for example, but that doesn't
give them access to arbitrary memory locations. This is a feature of
the CPUs used. When you write a byte code interpreter (or compiler)
you are doing a "virtual CPU", in effect, so you can define it to have
whatever security features you choose.

Note that that doesn't mean the Java spec supports this kinds of
operations (AFAIK it doesn't) but it doesn't mean it isn't possible.

-hpa

-- 
This space intentionally has nothing but text explaining why this
space has nothing but text explaining that this space would otherwise
have been left blank, and would otherwise have been left blank.

Next message: Nicolas Lichtmaier: "The kernel should try /sbin/sulogin first."
Previous message: Michael Driscoll: "Re: modutils970116/routing"