[cap-talk] Confessions of a C programmer

[Ka-Ping Yee]

On Wed, 23 Sep 2009, Rob Meijer wrote:
> Would there also be considerations that would favor an interpreter over a
> compiler when looking at verifying security properties?

An interpreter can perform security checks against the dynamic state
of the running program -- checks that might be hard or impossible to
anticipate through static analysis.  The interpreter wouldn't give you
these guarantees ahead of time, but it could guarantee that programs
violating the constraints would abort rather than running in violation.


-- ?!ng