Advertisement

Safer Scripting Through Precompilation

  • Ben Laurie
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4631)

Abstract

One of the challenges in modern systems is the conflict between the desire to run software from a wide variety of untrusted sources and the need to prevent malicious activity by those scripts.

The current standard practice is to attempt to achieve this through permissions, but this has been shown repeatedly to fail in a variety of ways. If permissions are made too granular, they become impossible to configure and so tend to become useless. If they are less granular, loopholes appear through which malicious scripts can wriggle. In either case, providing useful defaults whilst still providing security has proved to be a daunting (or, perhaps, judging on the evidence, impossible) task.

Keywords

Global Variable Malicious Activity Private Method Current Standard Practice Restricted Language 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Miller, M., Yee, K.-P., Shapiro, J.: Capability myths demolished (2003), http://zesty.ca/capmyths/

Copyright information

© Springer-Verlag Berlin Heidelberg 2007

Authors and Affiliations

  • Ben Laurie
    • 1
  1. 1.A.L. Group 

Personalised recommendations