[cap-talk] Language-based safety - notes and meat)

Stiegler, Marc D marc.d.stiegler at hp.com
Mon Nov 15 14:37:30 EST 2004


In fact, let's write the baseplate for the prize here, now:

----

def breacher := e`
    def breacher(traceln) :void {traceln("Running")}
    `.eval(safeScope)
breacher(println)
interp.blockAtTop()

-----

Substitute any text for the text between the 2 backticks defining the
source code for the breacher. If you can access any authority other than
the stdout output console (reached via the function "println"), you've
breached the system; then the question is, did you breach the
implementation, or the model. "Any authority" includes
creating/deleting/reading/writing files, reading the clock, creating
a window, reading the keyboard, or invoking any Java class that is
marked "unsafe" in the safej files, and which therefore should only be
reachable using the <unsafe> importer, which in turn should not be
reachable from the breacher code.

--marcs

> -----Original Message-----
> From: cap-talk-bounces at mail.eros-os.org 
> [mailto:cap-talk-bounces at mail.eros-os.org] On Behalf Of "Hal Finney"
> Sent: Monday, November 15, 2004 11:06 AM
> To: cap-talk at mail.eros-os.org
> Subject: RE: [cap-talk] Language-based safety - notes and meat)
> 
> 
> What are the security claims which someone would try to 
> break, in this challenge?
> 
> I can understand how to attack a program which makes certain 
> security claims, but a language is a pretty vague target.  
> Are the claims things like, you can only access an object if 
> you have a pointer to it?
> 
> Or is this about secure program loading like CapDesk?
> 
> You could write a trivial E program which loads an arbitrary 
> file and hands it to the E interpreter, without any 
> capabilities (or maybe only stream access to stdin/stdout), 
> and the challenge is to make it do something other than 
> consume CPU and memory, and write to stdin/stdout if those 
> were passed?
> 
> Hal Finney