[RFC] removing library NCI signatures from core

Peter Lobsinger plobsing at gmail.com
Wed Feb 17 19:02:11 UTC 2010


On Wed, Feb 17, 2010 at 11:29 AM, NotFound <julian.notfound at gmail.com> wrote:
>> As a middle-ground first step, howabout we break the non-necessary NCI
>> signatures into a dynlib in the repo. That way we still have them in
>> the repo if needed in the interim, we have a way to run tests on the
>> mechanism locally, and we prepare for the larger refactors that Peter
>> is suggesting.
>
> I like that idea. Even better, make it pluggable and selectable at
> runtime. This way will also allow to easily control or disable his
> usage in security arenas.

Runtime filtering of available signatures should already be doable:

# warning: untested
.include 'iglobals.pasm'
.sub 'filter_out'
  .param string signature
  $P0 = getinterp
  $P1 = $P0[ .IGLOBALS_NCI_FUNCS ]
  delete $P1[ signature ]
.end

Of course, filtering based on signature seems a little coarse to me.
The only really secure solution I can see is to load all permissible
NCI funcs and then completely disallow NCI. But I am  not a security
expert.


More information about the parrot-dev mailing list