[Date Prev][Date Next][Thread Prev][Thread Next]
[Date Index]
[Thread Index]
- Subject: Re: Bytecode: Safe or not? / luac manual
- From: Stefan Reich <stefan.reich.maker.of.eye@...>
- Date: Mon, 31 Oct 2011 13:19:35 +0000
Hi Frank! (Quite a few Germans on this list it seems.)
On Mon, Oct 31, 2011 at 11:47 AM, Frank Meier-Dörnberg <frank@md-web.de> wrote:
> Am 30.10.2011 21:50, schrieb Stefan Reich:
> ...
>> I really do hope that lbcv covers all the possible violations. Having
>> a safe way of loading untrusted bytecode is quite crucial to what I
>> want to be able to do with Mobile Lua.
>
> Do you really have to "load untrusted bytecode"?
Yes, that is the ultimate goal - and a really important one. Because
what I want is "total mobility".
(Heh, the term sounds a little... fascist. I can assure you it's not.)
By total mobility I mean an infrastructure of freely available
computation servers, open for everyone. Open like the WWW, email and
public streets.
For that, we need to run code from untrusted sources. If we require
trusted sources all the time, we cannot expand the system the way I
want it to expand.
> Is not it enough or even better to load cryptographically signed bytecode?
That is ok as an intermediate measure. But even then: Why would I want
anything I load to endanger my system - no matter where it came from?
Better to just make the system water-tight.
Stefan