[e-lang] Any languages addressing denial of resource attacks?
Sandro Magi
smagi at higherlogics.com
Tue Aug 14 14:45:33 EDT 2007
E currently doesn't tackle denial of resource attacks against the memory
system, and partial support for denial of resource against the CPU by
spawning vats. Are there any other languages addressing these two denial
of resource attacks?
Consider a principled language with capabilities and processes with
explicitly configurable heap quotas. The process abstraction extends the
vat with memory accountability, and so can prevent DoS against memory.
Assuming capability-secure libraries and an audited VM, is the above
system still vulnerable to any other attacks? I'm trying to get a feel
for what sorts of vulnerabilities remain once capabilities and DoS
resistance/immunity are present.
Sandro
More information about the e-lang
mailing list