D vs. C#
Christopher Wright
dhasenan at gmail.com
Tue Oct 23 10:27:41 PDT 2007
Julio César Carrascal Urquijo wrote:
> Walter Bright wrote:
>> I've never been able to discover what the fundamental advantage of a
>> VM is.
>
> The only advantage a VM has over native code that I see is security. I'm
> not talking about this process can't write memory of another process.
>
> I'm talking about this process can't write to the hard disk, only to
> Isolated Storage; but this one can because it's signed by a Thawte
> certificate and the VM.
This policy should be carried out at the operating system level for any
reasonable assurance of security.
> This is a lot more than disallowing pointer arithmetic. I'm not aware of
> any compiled language that has managed to do this.
C + SELinux? If your language doesn't have a VM, the VM can't check any
certificates, only the OS. The reverse is not true -- your OS can check
VM-bound applications' certificates, depending on how VM applications
are launched and whether the VM cooperates.
Though in SELinux, you don't have certificates; you have a complex set
of permissions, essentially, that some really dedicated person has to
come up with.
> On the other hand, most .NET developers ignore CAS (Code Access
> Security) in their apps, so it doesn't seem like a great advantage anyway.
Nobody uses SELinux, either, so that's okay.
More information about the Digitalmars-d
mailing list