Anyone protecting the stack?

Bill Huey (hui) billh at gnuppy.monkey.org
Thu Sep 18 20:59:26 PDT 2003


On Thu, Sep 18, 2003 at 11:40:24PM -0400, David Rhodus wrote:
> >Java is a pretty secure inside the VM core itself. It's when you start

> Actually most vendors push that statement, but in reality that has been
> proven to be a false statement.

As far as I know, I know of no exploits inside Sun's HotSpot VM itself.
And given how all object allocations are pretty much wrapped around high
level C++ classes with clean access to members, with all threading/signaling
and all OS level stuff is also wrapped around C++ classes, I have a difficult
time imagining that the VM code itself is exploitable. Not too much can
go wrong with trying to throw a signal to a thread in a heavily protected
system like that, even using fringe threading constructs like thread local
storage and suspension. If you have differing information, then I'd like to
know about it.

Again, the shared libraries supporting it might be another problem, but the
entire VM is pretty well bounded and engineered. Easily one of the best
engineered JITs of its type I've ever seen or worked with.

bill






More information about the Kernel mailing list