I'm still not getting this. With interpretative languages, what is being executable is data, not binary code. In general, interpreters don't generate binary code to be executed.
BTW, the Wikipedia article on Harvard Architecture never mentions anything about security. Richard -----Original Message----- From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED] On Behalf Of Rob, grandpa of Ryan, Trevor, Devon & Hannah Sent: Thursday, July 17, 2008 6:47 PM To: [email protected] Subject: Re: [funsec] Texas Bank Dumps Antivirus for Whitelisting Date sent: Thu, 17 Jul 2008 14:57:07 -0400 From: Larry Seltzer <[EMAIL PROTECTED]> > SQL isn't actually executable code, it's > just data that program code uses in order to decide what to execute. Pretty good definition of a compiler, isn't it? > A > program in a Harvard architecture is capable of going "if x==1 then > do_this() else if x==2 then do_that(); etc(),etc(),etc()" - can't it? Yup, but you'd have to do it in the program store. > Things like buffer overflows would be impossible with a Harvard > architecture, but I don't see why SQL injection or Trojan horse programs > or many other malicious items would be any less likely. SQL injection would be prevented because you couldn't have any data submitted to the program store. Trojans are still possible, but you have to convince the owner to manually enter your program into the program store, you can't just send it via email or driveby download. ====================== (quote inserted randomly by Pegasus Mailer) [EMAIL PROTECTED] [EMAIL PROTECTED] [EMAIL PROTECTED] The World Youth Congress was the greatest thing that ever happened [to Ghana], so I was surprised to learn [later] that it was a CIA front. I may be the only person you will ever meet who is indebted to the CIA. - Stephen Lewis http://victoria.tc.ca/techrev/rms.htm _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list. _______________________________________________ Fun and Misc security discussion for OT posts. https://linuxbox.org/cgi-bin/mailman/listinfo/funsec Note: funsec is a public and open mailing list.
