VM Plugins internal vs external

>From what i know, it has more to do with having smaller sized vm's, than >with efficiency reasons.

Yes, and with security. Thats why FFI is external. If you
remove it all code (downloaded or not) can only use built
in primitives and its not possible to call OS API's and
harm your computer.

Bye
T.



--
Neu: GMX De-Mail - Einfach wie E-Mail, sicher wie ein Brief!  
Jetzt De-Mail-Adresse reservieren: http://portal.gmx.net/de/go/demail

_______________________________________________
Pharo-project mailing list
[hidden email]
http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project

On 20 September 2010 12:51, Torsten Bergmann <[hidden email]> wrote:
> >From what i know, it has more to do with having smaller sized vm's, than >with efficiency reasons.
>
> Yes, and with security. Thats why FFI is external. If you
> remove it all code (downloaded or not) can only use built
> in primitives and its not possible to call OS API's and
> harm your computer.
>

Stop scaring the people, Torsten :)

If you have an intent to damage the computer, you can do it even without FFI,
since VM allows you to interact with OS'es file system.

The only scenario, where you would not want to allow FFI is in
sandboxed environment,
like browser plugin, where you do not allow to interact with display,
files, network directly.
But then, i think, it is better to build a specialized VM for that,
rather than trying to make the default
VM, which is shipped by developers and for developers, so limiting
that you can't do things which you
intend to do anyways (see Teleplace, for example).




--
Best regards,
Igor Stasenko AKA sig.

_______________________________________________
Pharo-project mailing list
[hidden email]
http://lists.gforge.inria.fr/cgi-bin/mailman/listinfo/pharo-project