On 13/01/2013 08:56, Holger Hans Peter Freyther wrote:
On Sun, Jan 13, 2013 at 01:18:31AM +0100, Gwenaël Casaccio wrote:
Hi,
Here is a patch that removes the security framework from the vm side
and the smalltalk side. It needs a review before applying.
What are the arguments to remove this code from the kernel/ and from
the vm/? Is the code in the vm hard to maintain? is the framework broken?
or is the policy framework just outdated?
Security in object based languages should be based on the capability
model (http://en.wikipedia.org/wiki/Object-capability_model
http://en.wikipedia.org/wiki/Capability-based_security).
And as Paolo says it was never really used.
If I need security in Smalltalk, I would implement something like the e
language model.
It's more "smalltalkish", no global authority, just message sending. And
a better security
model also imply a better modular kernel, better module system,
compiler, ...
- p.untrustedContext = IS_OOP_UNTRUSTED (_gst_this_context_oop);
+ p.untrustedContext = false;
What is the reason to leave the untrustedContext around?
Thanks I will remove it
_______________________________________________
help-smalltalk mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/help-smalltalk
_______________________________________________
help-smalltalk mailing list
[email protected]
https://lists.gnu.org/mailman/listinfo/help-smalltalk
