[EROS-Arch] Re: [E-Lang] Re: Interaction Design for
End-UserSecurity
Mark S. Miller
markm@caplet.com
Thu, 05 Apr 2001 15:08:48 -0700
At 01:46 PM Thursday 4/5/01, David Chizmadia wrote:
> Actually I think that Jonathan's whole message applies equally well to
>the lambda calculus in the general case. I read his point as saying that
>irrespective of perfect mathematics, experience has shown that there are
>always imperfections introduced into implementation because of the
>imperfections of the universe in which the implementation occurs. This must
>of course be qualified by the statement that we only have experience with
>the single universe that we all appear to share :-)
>
> Thus, while the E lambda calculus may be mathematically perfect (I use
>the qualifier since I haven't studied it and therefore have no basis for
>making any judgement), its implementation could be compromised at any of at
>least 3 distinct implementation points. First, the compiler that transforms
>the lambda calculus into JVM instructions could be flawed. Second, any the
>implementation of the JVM could be incorrect. Third (in the case of
>software implementations of the JVM), the native hardware instruction
>specification could be incorrectly implemented. If any one of these levels
>is compromised, even a perfectly correct lambda calculus program could be
>compromised.
I was talking about the lambda calculus itself, not implementations of it.
I believe Jonathan's message does not apply to "the lambda calculus in the
general case", where the general case includes the lambda calculus itself.
Has this conversation gotten silly enough yet?
Cheers,
--MarkM