[MUD-Dev] Scripting languages
Kwon J. Ekstrom
justice at softhome.net
Wed Jul 2 17:50:28 CEST 2003
Bruce Mitchener wrote:
> Kwon J. Ekstrom wrote:
>> I personally don't see how writing a custom language helps much
>> against malicious code.
> It depends on the custom language of course. Various systems out
> there have security models that are part of the language, its
> compilation environment, or its runtime environment.
Perhaps I misworded this.
While I'm positive that a custom language "can" help with security,
I don't see that as reason enough to write my own. Several embedded
languages have a security model that's been tested on a variety of
systems.
I'm sure there's some loopholes to my security model I haven't found
yet, holes I haven't patched, etc. Those holes are on my objects
themselves, the language is secure.
The security features you mentioned in your examples all seem based
on enforcing a priviledge model. This is exactly what I did with
Rhino, and I'm fairly sure that it took alot less time to research
and code.
-- Kwon J. Ekstrom
_______________________________________________
MUD-Dev mailing list
MUD-Dev at kanga.nu
https://www.kanga.nu/lists/listinfo/mud-dev
More information about the mud-dev-archive
mailing list