> My question may inadvertently get mired in a discussion of security models. > The Java model (and the .NET model) in my mind just doesn't work. Part of > the reason for asking this question is that I'm considering what the > security model in the BitC runtime should look like, so I want to know how > other systems and languages have boogered such things. :-)
it is probably a given that any security thing which has come to date has serious problems. and any future ones will. :) one question is about if it is predicated on the right basic ideas e.g. the ocap vs. acl sort of difference. is it that the fundamental abstractions are wrong? or are they ok but just need to be fixed up somewhat? more miles on the tyres? i get the feeling java & .net are just fundamentally wrong if you want *real* security. of course the next question that is begged is what does *real* security mean? cya security where enough buzzwords checked off mean you are ok, or actual serious crazy real sci fi security? _______________________________________________ bitc-dev mailing list [email protected] http://www.coyotos.org/mailman/listinfo/bitc-dev
