ENUM_OPS .h include file

Jonathan Leto jaleto at gmail.com
Tue Mar 9 21:38:51 UTC 2010


Howdy,

OK, i think I get a bit more about what is going on. Could you comment
on this TT?

http://trac.parrot.org/parrot/ticket/1500

My motivation is to be able to tell if an op is in a certain class of
ops, so that other code can decide to allow or deny that op. Your
method sounds like it is more secure since it disalllows certain ops
at the runcore level. But it also sounds like your method makes it a
requirement that the ops that will be disallowed/allowed at compile
time, while my method gives the ability to change it at run-time.

I think both would be very useful and increase the security of Parrot greatly.

Duke



On Tue, Mar 9, 2010 at 1:25 PM, Kevin Tew <tewk at tewk.com> wrote:
> This is my srcs/runcore/futures.c runcore for futures.
>
> The idea is to create a runcore were only certain ops can occur.
> Possible roadmap:
> 1. Create helperfunctions declare restricted runloop functionality.
> 2. Migrate C helperfunctions to be a declarative language for customizing
> the jit so that restricted functionality isn't allowed in jitted code.
>
> Having symbolic names for opcodes in c is just a first baby step.
>
> I'll see if I can email you a git bundle of the whole changeset
>
> Kevin
>
> Jonathan Leto wrote:
>>
>> Howdy,
>>
>> I am very interested in restricted runloops and what they mean for
>> PDD18 (security), but I don't quite understand the purpose of the
>> patch or what it does. Can you explain it a bit more?
>>
>> Duke
>>
>>
>>
>> On Tue, Mar 9, 2010 at 11:16 AM, Kevin Tew <tewk at tewk.com> wrote:
>>
>>>
>>> The attached patch generates include/parrot/opsenum.h
>>>
>>> I used the enumsto create a custom runloop for futures.
>>>
>>> I'm guessing that this may be useful to others who want to write
>>> restricted
>>> runloops.
>>>
>>> I'm willing to take a small amount of naming/formating suggestions and
>>> check
>>> it in, if people are interested.
>>>
>>> Keivn
>>>
>>> _______________________________________________
>>> http://lists.parrot.org/mailman/listinfo/parrot-dev
>>>
>>>
>>>
>>
>>
>>
>>
>
>



-- 
Jonathan "Duke" Leto
jonathan at leto.net
http://leto.net


More information about the parrot-dev mailing list