[Mono-dev] The State Of Mono Assembly Verification?

Zoltan Varga vargaz at gmail.com
Thu Feb 2 15:43:21 EST 2006


                                  Hey,

 IMHO, verification should be kept separate from the JIT. The job of the JIT is
to generate machine code _fast_, while the goal of the verifier is to
be _secure_.
Mixing the two would probably lead to a JIT which wasn't very fast, and it
wasn't very secure either. 'We are missing some checks' is a far cry
from security.

                                            Zoltan

On 2/2/06, Sebastien Pouliot <sebastien.pouliot at gmail.com> wrote:
> On Thu, 2006-02-02 at 20:41 +0100, Joachim Ante wrote:
> > > A few weeks ago I asked about something related to this, currently when
> > > the JIT encounters something it does not like, it bails out in the form
> > > of a g_abort, and the question was whether there were any reasons not to
> > > try to recover from this gracefully and return an exception.
> > >
> > > Zoltan suggested that we should implement a proper verifier, but if the
> > > right way of doing verification is by sending the method to the JIT,
> > > then we should go down the path I proposed (email pasted at the end).
> > I second this. It would be very very useful for us if mono wouldn't g_assert
> > but throw exceptions when the dll is invalid/broken/obfuscated/maliciously
> > modified.
>
> I believe it would be useful to many people - even if most don't realize
> it today. Until then Mono is "restricted" to run trusted code which,
> IMHO, "limits" it usefulness (I admit the "limit" is probably rather low
> as there are very few applications supporting partial trust today).
>
> Anyway the truth (please feel all free to prove me wrong ;-) is that
> security, especially runtime security, hasn't been very popular with
> contributors - in any form (e.g. code, samples, reviews, test cases...).
>
> I may be biased but I'm glad that Novell is investing in this (ok I'm
> totally biased ;-). However Mono could use a little more global support
> and/or contributions in this domain. I guess we could see this as either
> a participation or a patience game ;-)
> --
> Sebastien Pouliot  <sebastien at ximian.com>
> Blog: http://pages.infinit.net/ctech/
>
> _______________________________________________
> Mono-devel-list mailing list
> Mono-devel-list at lists.ximian.com
> http://lists.ximian.com/mailman/listinfo/mono-devel-list
>



More information about the Mono-devel-list mailing list