Re: Self-modifying code, Function pointers & { Safety, Security}

On 2014-03-07, Seima Rao <seimarao@gmail.com> wrote:
> Hi,
>
> We are used to separation of code from data at the language level.


Those "we" who don't use Lisp and related languages.


> However, two features disupt security :
>
> i) self-modifying code
>
> i.e. writing to code space


Note that loading an executable on any operating system constitutes
the above.


The solution for that is supposed to be a web of trust. You load only
code that is trusted somehow.


> ii) functions residing in data space
>
> Are there safety & security solutions possible for the above two
> safety, security holes ?


You can have a compiler built into our language for dynamically compiling code.
That compiler can "sandbox" dynamic programs into not doing anything "bad": it
can avoid exposing certain functions or operators to them.


E.g. in Lisp we have the compile function, but that provides access to the
full language, including all implementation-specific escape hatches, like
foreign function calling or whatever.


However, we can make a function "my-compile" which accepts only a strictly
sandboxed dialect, translates it to the regular Lisp (or at least the
parts of it that differ, if any) and then hands it to the compile function.


Dynamically compiled regular expressions are an example of this. You can hardly
reformat the proverbial disk out of a regex, unless it has some exploitable
hole not related to the semantics of regex. A regex is a severely sandboxed,
dynamically compiled language which can be translated all the way down to
machine code that can be trusted.


--
Music DIY Mailing List: http://www.kylheku.com/diy
ADA MP-1 Mailing List: http://www.kylheku.com/mp1

Return to the comp.compilers page.
Search the comp.compilers archives again.