[E-Lang] Re: Old Security Myths Continue to Mislead

[Jonathan S. Shapiro]

> When I started working in Java, I was surprised with how many patterns in
> the library used techniques we had avoided in KeyKOS because of their
> impact on security.  For example, String interning implies a shared
> variable which would show up as a hole in a KeyKOS factory

When combined with per-object locks, the channel is quite large indeed.

I am sorry to report that C# has faithfully replicated this security hole --
I just read the spec.


Jonathan