[cap-talk] Midori in The Register
James A. Donald
jamesd at echeque.com
Tue Aug 5 22:57:04 CDT 2008
Jonathan S. Shapiro wrote:
> That is: managed code cannot guarantee security, but
> type-unsafe code (which is not quite the same as
> unmanaged code) does guarantee the absence of
> security.
Type unsafe code may well run in an environment where it
has no access to things that would enable it to pursue
the interests of its writer at the expense of the person
who owns the hardware on which it runs. In this sense,
type unsafe code can be made secure.
Everything running above ring zero is already in a VM.
Why not make it a secure VM?
More information about the cap-talk
mailing list