[Mono-devel-list] Code Access Security - Initial thought
Paolo Molaro
lupus at ximian.com
Fri Dec 19 07:59:06 EST 2003
On 12/18/03 Varga Zoltan wrote:
> Be advised that implementing CAS makes little sense
> without doing
> a security audit of the runtime and the class libraries.
So? You have to start somewhere and the CAS implementation
can be done completely in parallel with the audit of the runtime.
Complete security requires both auditing of the runtime and CAS, but
this doesn't mean that you can't work on one until the other is
completed. The jit does many checks of the consistency of the IL code
and they are useless from a security point of view until CAS is
implemented: the CLR is a large system and pieces of it can well be
developed independently until they all fit together.
lupus
--
-----------------------------------------------------------------
lupus at debian.org debian/rules
lupus at ximian.com Monkeys do it better
More information about the Mono-devel-list
mailing list