At 10:17 PM +0000 10/30/02, Kv Org wrote:
Unfortunately not. (Though I really, *really* wish this was the case) The bytecode data, all of it, must be considered completely untrustworthy unless explicitly (and out-of-bandly) marked otherwise. The code segment that invokes a stronger security context can be considered out of band in this context, as it is for the code running in the secureOn Tue, 29 Oct 2002 09:55:23 -0800, Chromatic wrote:
I'd really like to be able to save comments from
source files as metadata. This has at least two
potential benefits. First, it >makes it much easier
to recreate the whole file from bytecode (especially
refactored bytecode). Second, it makes it possible to pull out method
documentation in the Smalltalk or Python sense.
Maybe metadata's not the place for this, but it
seems rather natural to me.
I always thought metadata in bytecode was the place for storing security/permission/capability related information about the compiled chunk. If we want Perl6 and Parrot to handle security and limited code sandboxes better than Perl5's Safe.pm, this is a basic requirement.
The interpreter engine is responsible for enforcing security. It *must*, when running with security turned on, assume that all bytecode has been written by malicious vermin with too much time on their hands and the morals (and ethics) of a rabid weasel. It just can't be trusted, unfortunately. (Parrot bytecode is inherently unverifiable as well, at least in the general case, which exacerbates the problem)
--
Dan
--------------------------------------"it's like this"-------------------
Dan Sugalski even samurai
[EMAIL PROTECTED] have teddy bears and even
teddy bears get drunk
