From mboxrd@z Thu Jan 1 00:00:00 1970 Received: (from weis@localhost) by pauillac.inria.fr (8.7.6/8.7.3) id MAA13931 for caml-red; Mon, 8 Jan 2001 12:23:58 +0100 (MET) Received: from concorde.inria.fr (concorde.inria.fr [192.93.2.39]) by pauillac.inria.fr (8.7.6/8.7.3) with ESMTP id KAA21513 for ; Mon, 8 Jan 2001 10:59:58 +0100 (MET) Received: from pauillac.inria.fr (pauillac.inria.fr [128.93.11.35]) by concorde.inria.fr (8.11.1/8.10.0) with ESMTP id f089xtD22619; Mon, 8 Jan 2001 10:59:55 +0100 (MET) Received: (from xleroy@localhost) by pauillac.inria.fr (8.7.6/8.7.3) id KAA22758; Mon, 8 Jan 2001 10:59:55 +0100 (MET) Date: Mon, 8 Jan 2001 10:59:55 +0100 From: Xavier Leroy To: Michael Hicks Cc: caml-list@inria.fr Subject: Re: JIT-compilation for OCaml? Message-ID: <20010108105955.C13356@pauillac.inria.fr> References: <20010103185023.A29666@miss.wu-wien.ac.at> <200101050030.f050Uas06293@codex.cis.upenn.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0i In-Reply-To: <200101050030.f050Uas06293@codex.cis.upenn.edu>; from mwh@dsl.cis.upenn.edu on Thu, Jan 04, 2001 at 07:30:36PM -0500 Sender: weis@pauillac.inria.fr > MMM, the Ocaml-based web browser, still exists, see > http://caml.inria.fr/archives/200005/msg00082.html. However, last I knew, > the Ocaml bytecode lacks the security guarantees of Java bytecode. Dynamic > linking will not violate stated interface constraints, but these can be > spoofed, I believe. I'd be interested to know how you'd spoof them. (Except by breaking the MD5 crypto hash function, of course, but if you manage to do so, that would be quite an achievement! Not only would you immediately get a PhD in crpytography, but you would also have a "fun" time with men in black from various organizations...) As far as we know, the interface checking for MMM applets is safe, but it is very brittle: the slightest change in the browser's APIs will cause interface checking to fail, requiring a recompile of the applets. That, and the need for a centralized trusted compiling authority, makes the scheme much less practical than Java-style bytecode verification. - Xavier Leroy