Sunday, October 21, 2012

Security and Objects

Mobile code is one of the great challenges for software security. Let's say you are writing an email application. The idea that people could send little apps to each other in email messages might seem like a potentially interesting feature: users could build polls, schedule meetings, play games, share interactive documents. Kind of cool.

And if the platform you are building upon supports reflectively evaluating code, it could be as easy as something like this (in OO pseudocode):

    define load_message(message)

Of course it can't be that easy. What if the code in the message does something like:

    new File("/").delete()

The standard way to avoid the vulnerability is to put the code in a so-called sandbox. It sounds very secure, but in practice this usually amounts to gathering up a list of "dangerous" call sites and inserting in each some code to check if the caller has permission to proceed. So the implementation of delete would include code along the lines of:

    define delete()
        if VM.callStackContainsEvilCode?()
            raise YouShallNotPassException()


This is fraught with problems. It requires runtime support for inspecting the call stack and a system for declaring that certain code has some level of authorization while other code has a lower level. Not to mention the busywork of going through the code and peppering that little snippet over every suspect call site. If you miss one (say, a method that gets the addresses of all contacts in your email application), you have a security bug on your hands.

A better way?

Perhaps there is a better way. Take another look at the offending line: new File("/").delete(). It is only able to call the dangerous delete() method because it has a reference to a file object pointing to the root of the filesystem. And it only has that reference because it could reach for the File class on a global namespace. What if there was no global namespace?

It might seem weird, but it's not that hard to imagine a programming system lacking a global namespace. Many object-oriented languages, following Smalltalk's lead, have a notion of a metaclass, an object that represents a class. Many of them (also following Smalltalk) get by without a "new" operator. Objects are created by calling a method — usually named new() — on the metaclass object.

We are very close now. The last step, unfortunately not taken by most common languages, is to avoid anchoring the metaclass object onto a global namespace. The result is that code can only create objects of the classes it holds a reference to. And it only has a reference if it is given one via a method or constructor parameter.

Proceeding recursively, we end up with a stratified program. There is an entry point that receives a reference to the entire standard library, and each call site decides how much authority to grant each callee. In our example, when we evaluate external code we can grant very little authority, meaning we can pass the evaluated code just a handful of references. Care must be taken so that none of them will directly or indirectly provide a way to create a File. In a way, object design becomes security policy.

And we get very fine-grained control over such policy. We could, for instance, grant loaded code authority to write to a designated directory just by passing it a reference to the Directory object for that directory. Our choices get even more interesting when we realize we can pass references to proxies instead of real objects in order to attenuate authority. Continuing with our example, hoping it doesn't get too contrived, we could build a proxy for the Directory that checks if callers exceed a given quota of disk space.
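
The quota proxy described above, as an added JavaScript sketch (not code from the original post); `makeDirectory`, `quotaLimited`, `runMessage` and the sample messages are hypothetical names constructed for illustration. Plain JavaScript still has a global namespace, so this shows only the reference-passing discipline and the attenuating proxy, not the confinement a language like E provides.

```javascript
'use strict';
// Added illustration. makeDirectory, quotaLimited and runMessage are
// hypothetical names; the in-memory Map stands in for a real directory.

// A capability: whoever holds this object may read and write its files.
function makeDirectory() {
  const files = new Map();
  return Object.freeze({
    write(name, data) { files.set(name, String(data)); },
    read(name) { return files.get(name); },
    usedBytes() {
      let total = 0;
      for (const data of files.values()) total += Buffer.byteLength(data);
      return total;
    },
  });
}

// Attenuating proxy: write-only, flat file names only, bounded by a quota.
// The wrapped directory is closed over and cannot be reached through it.
function quotaLimited(dir, maxBytes) {
  return Object.freeze({
    write(name, data) {
      if (typeof name !== 'string' || !/^[A-Za-z0-9_-]+(\.[A-Za-z0-9]+)?$/.test(name)) {
        throw new TypeError('invalid file name');
      }
      const text = String(data);
      const old = dir.read(name);
      const oldSize = old === undefined ? 0 : Buffer.byteLength(old);
      if (dir.usedBytes() - oldSize + Buffer.byteLength(text) > maxBytes) {
        throw new RangeError('quota exceeded');
      }
      dir.write(name, text);
    },
  });
}

// The loader hands the message code exactly the references in `caps`.
function runMessage(messageFn, caps) {
  try {
    messageFn(Object.freeze({ ...caps }));
    return 'ok';
  } catch (err) {
    return `${err.name}: ${err.message}`;
  }
}

// Constructed sample "messages", each a function of the granted references.
function demo() {
  const attachments = makeDirectory();
  const caps = { out: quotaLimited(attachments, 64) };
  return {
    poll: runMessage((c) => c.out.write('votes.txt', 'yes=3;no=1'), caps),
    greedy: runMessage((c) => c.out.write('big.bin', 'x'.repeat(1024)), caps),
    escape: runMessage((c) => c.out.write('../inbox/contacts', 'x'), caps),
    reach: runMessage((c) => new c.File('/').delete(), caps),
    stored: attachments.read('votes.txt'),
    used: attachments.usedBytes(),
  };
}

console.log(demo());
```

The message code can only act through `out`: it cannot read, cannot name a path outside the directory, cannot exceed 64 bytes, and finds no `File` among the references it was given.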


I have mentioned above that most common languages don't fit this post's description. But there are languages that do; a prime example is E. In fact, there is a whole area of research for dealing with security in this manner, called "object capability security".

I'm not really a security guy; I got interested in the area due to the implications for language and system design. If you got interested, for any reason, please check out Mark Miller's work. He is the creator of the E language and the JavaScript-based Caja project. His thesis is very readable.


Anonymous said...

Yes! I read the intro and hoped that you would go to the object-capability model and you did not disappoint. Miller's thesis and projects are great.

Check out for a Smalltalk with no global namespace. Very cool language in general, as well.
