Igor Stasenko wrote:
> and besides:
> VMs are packaged with FFI as a dynamic library.
> So, if you want extra safety - simply don't ship your application
> with this DLL.
> But still, if you allow arbitrary code to run in your image, then what
> prevents a script kiddie from doing the following:

the sandbox does that as it prevents writing of files in "interesting"
locations like the VM directory.
I'm all for using FFI/Alien, what I really tried to make people aware of
is that by using FFI instead of plugins certain things become more
dangerous. For standalone and server applications not loading any code
from the outside this is not a problem at all.
By using FFI we need to be more aware, though, that we potentially open up a
Squeak application to buffer overflow attacks, something that wasn't
really possible before.
So I didn't want to put any brakes on, but raise people's awareness
about security. It's a bit like with the Mac: just because hackers
haven't really cared about exploiting vulnerabilities doesn't mean the
Mac is safe. And we Smalltalkers have considered ourselves to be using the Mac of
programming languages and have thus felt safe for the longest time ;-)
Michael
_______________________________________________
Pharo-project mailing list
http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project