From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: weis Received: (from weis@localhost) by pauillac.inria.fr (8.7.6/8.7.3) id KAA24417 for caml-redistribution@pauillac.inria.fr; Fri, 12 Nov 1999 10:19:12 +0100 (MET) Resent-Message-Id: <199911120919.KAA24417@pauillac.inria.fr> Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id WAA27148 for ; Thu, 11 Nov 1999 22:01:28 +0100 (MET) Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35]) by concorde.inria.fr (8.8.7/8.8.7) with ESMTP id WAA10331; Thu, 11 Nov 1999 22:01:24 +0100 (MET) Received: (from xleroy@localhost) by pauillac.inria.fr (8.7.6/8.7.3) id WAA29103; Thu, 11 Nov 1999 22:01:24 +0100 (MET) Message-ID: <19991111220124.07336@pauillac.inria.fr> Date: Thu, 11 Nov 1999 22:01:24 +0100 From: Xavier Leroy To: Michael Hicks Cc: caml-list@inria.fr Subject: Re: dynamic loading of Caml bytecode References: <199911081607.LAA27012@codex.cis.upenn.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.89.1 In-Reply-To: <199911081607.LAA27012@codex.cis.upenn.edu>; from Michael Hicks on Mon, Nov 08, 1999 at 11:07:23AM -0500 Resent-From: weis@pauillac.inria.fr Resent-Date: Fri, 12 Nov 1999 10:19:12 +0100 Resent-To: caml-redistribution@pauillac.inria.fr > I wonder if anyone could elaborate for me on the safety of dynamically > loaded Ocaml bytecode? Is it possible to load bytecode that is not > well-formed or type-correct (thus resulting in a core-dump or other > misbehavior at runtime)? I understand that interfaces are checked for > consistency using MD5 hashes, but I'm curious about the internal consistency > of the bytecode file itself. Essentially no consistency checks are performed by the dynamic loader. Just like the MD5-based interface consistency mechanism that you mention, the whole dynamic loader assumes that its input has been produced by a correct OCaml compiler and not modified since. That's why in the MMM design we had to rely on cryptographic signatures to ensure the well-formedness of applet code. - Xavier Leroy