[Mono-list] Intel and the CLR?
Tue, 5 Mar 2002 19:27:18 +1100
On 05-Mar-2002, int18@MIT.EDU <int18@MIT.EDU> wrote:
> Caching binaries on disk sounds like an incredibly bad idea due to
> security issues.
No, it's not an incredibly bad idea. You just need to make sure
that you handle the security issues.
> Someone could replace the copy in the cache with a
> program that does something that is completely different and you would
> have no way of telling.
Sure. And someone could equally well replace /bin/ls or ~/.bash_profile
or (ms)corlib.dll with a program that does something completely different.
If the attacker has write access to your files, then you are already lost.
Obviously you need to make sure the cache is not world-writable...
> Also, compiling a IL program down to machine
> code makes the program no longer verifiable.
That's OK, you can check that the program is verifiable
before compiling it down to machine code.
Fergus Henderson <firstname.lastname@example.org> | "I have always known that the pursuit
The University of Melbourne | of excellence is a lethal habit"
WWW: <http://www.cs.mu.oz.au/~fjh> | -- the last words of T. S. Garp.