Walter Bright wrote:
Georg Wrede wrote:
I mean, how often do you see web sites where stuff is fed to a C
compiler and the resulting programs run????? (Yes it's too slow, but
that's hardly the point here.) That is simply not done.

Consider the Java JVM. You've probably got one installed on your
computer. It gets Java code from gawd knows where (as the result of web
browsing), it compiles it, and runs it on your machine unbeknownst to you.

The thing about the JVM, though, is that it runs in a sandbox. Try to
access the file system, or to change the display mode, from an applet or
WebStart-enabled app. It's not going to happen without the user granting
permission. And you know every time the JVM starts up, either from the
Sun logo displayed as the applet loads, the Java logo in the system
tray, or the WebStart dialog that asks permission to run the applet.
Java developers wanting to use the platform for games actually complain
that there's too much security (or, more accurately, that the security
dialogs are either too scary for the average user or ignored
completely). What's worse are the independently developed browser
plugins that allow untrusted executable binaries to run.

.NET does that too.

Every day my browser downloads JavaScript code, compiles it, and runs it.
There's no reason in principle that D could not be used instead.

This means that we should think about security issues. Compiling
untrusted code should not result in an attack on your system.

http://www.comeaucomputing.com lets you upload random C++ code, compile
it on their system, and view the messages put out by their compiler.
Suppose you did it with D, had it import some sensitive file, and put it
out with a pragma msg statement?