[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: DSO-style FFI
From: |
Ted Zlatanov |
Subject: |
Re: DSO-style FFI |
Date: |
Wed, 09 Oct 2013 21:25:39 -0400 |
User-agent: |
Gnus/5.130008 (Ma Gnus v0.8) Emacs/24.3.50 (gnu/linux) |
On Wed, 09 Oct 2013 17:52:36 -0600 Davis Herring <address@hidden> wrote:
>> That's pretty dangerous, isn't it? Any memory corruption, intentional
>> or not, could affect the user significantly. Is that an acceptable risk?
DH> Intentional memory corruption is entirely beside the point -- you're
DH> already planning to run whatever code the DSO provides with your current
DH> security credentials. (You even already run DSO-specified code as soon
DH> as you call dlopen().)
OK.
DH> As for accidental corruption, you can at least protect your Lisp_Objects
DH> by controlling how you copy data into and out of them. (Of course, a
DH> wild pointer can corrupt absolutely anything, but you're not very likely
DH> to be in an undesirable "Emacs appears functional but is confused" state.)
Yeah, I was wondering how much can be done here, but I guess "not much."
Moreover, I was wondering whether the risk is acceptable. The other
extreme is to have some protocol to externally executed modules so
there's no chance of corruption; it's very inefficient but also much
less risky. I think it's safe to say the risk of DSOs is acceptable to
everyone, but wanted to be clear about it.
Thanks for explaining.
Ted
- Re: Emacs crypto use cases, (continued)
- Re: Emacs crypto use cases, Stephen J. Turnbull, 2013/10/08
- DSO-style FFI (was: Emacs crypto use cases), Stefan Monnier, 2013/10/08
- Re: DSO-style FFI, Tom Tromey, 2013/10/08
- Re: DSO-style FFI, Ted Zlatanov, 2013/10/08
- Re: DSO-style FFI, Tom Tromey, 2013/10/08
- Re: DSO-style FFI, Ted Zlatanov, 2013/10/09
- Re: DSO-style FFI, Andreas Schwab, 2013/10/10
- Re: DSO-style FFI, Davis Herring, 2013/10/08
- Re: DSO-style FFI, Ted Zlatanov, 2013/10/09
- Re: DSO-style FFI, Davis Herring, 2013/10/09
- Re: DSO-style FFI,
Ted Zlatanov <=
- Re: DSO-style DSOs (this is NOT an FFI!), Stephen J. Turnbull, 2013/10/10
- Re: DSO-style FFI, Stephen J. Turnbull, 2013/10/08
- Re: DSO-style FFI, Stefan Monnier, 2013/10/08
- Re: DSO-style FFI, Michael Welsh Duggan, 2013/10/12
- Re: DSO-style FFI, Stephen J. Turnbull, 2013/10/12
- Re: DSO-style FFI, Stefan Monnier, 2013/10/14
- Re: DSO-style FFI, Ted Zlatanov, 2013/10/18
- Re: DSO-style FFI, Stefan Monnier, 2013/10/19
- Re: DSO-style FFI, Stefan Monnier, 2013/10/19
- Re: DSO-style FFI, Andy Moreton, 2013/10/19