
How would you prevent that? If programs can load files into memory and execute data loaded into memory as code, they can load files as code. The former is necessary for obvious reasons, the latter for JIT.

It's also pointless. If a program can cause damage by loading harmful code it can also cause damage directly.

Restricting what programs can do is a great way to prevent experimentation and hinder progress.




You can prevent that by using the NX or the XD bit. It's a CPU feature and I believe the support was added over 15 years ago in most popular OSs. Here's the commit for Linux https://git.kernel.org/pub/scm/linux/kernel/git/history/hist...

>It's also pointless. If a program can cause damage by loading harmful code it can also cause damage directly.

It is not pointless, but it is also not perfect. That's why we have defense in depth. Where instead of having one perfect moat to protect the castle, you also have alligators and witches that turn people into frogs. :P


The OS can prevent it, but can it do so without making JIT impossible?


Well, if you can’t make pages executable you can “just in time” it by interpreting and writing it to an optimized interpreter format, I suppose (but it will be much slower)... As an example, see WKWebView vs UIWebView (from iOS).


You can do that but slow JIT kind of misses the point.
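
The NX and JIT question raised in this thread, as an added example that is not from any commenter: a sketch of the write-then-execute (W^X) pattern, where a page is first writable and non-executable and is then switched to executable and non-writable before it runs. The helper name `jit_return_value` and the sample bytes are constructed for illustration; it assumes Linux or another POSIX system with `mmap`/`mprotect`, GCC or Clang, and an x86-64 or AArch64 CPU.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE 1   /* exposes MAP_ANONYMOUS under strict -std modes */
#endif
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Constructed sample: machine code for a function that returns 42. */
#if defined(__x86_64__)
static const uint8_t CODE[] = {0xB8, 0x2A, 0x00, 0x00, 0x00, 0xC3}; /* mov eax,42; ret */
#elif defined(__aarch64__)
static const uint8_t CODE[] = {0x40, 0x05, 0x80, 0x52,              /* mov w0,#42 */
                               0xC0, 0x03, 0x5F, 0xD6};             /* ret */
#else
#error "sample bytes are provided only for x86-64 and AArch64"
#endif

/* Hypothetical helper: emits CODE into a fresh page and calls it.
 * Returns the emitted function's result, or -1 if the OS refuses a step.
 * The page is writable or executable at any moment, never both. */
int jit_return_value(void)
{
    size_t len = (size_t)sysconf(_SC_PAGESIZE);

    /* 1. Ordinary data page: read+write, no execute (this is where NX applies). */
    uint8_t *page = mmap(NULL, len, PROT_READ | PROT_WRITE,
                         MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (page == MAP_FAILED)
        return -1;

    /* 2. The "compiler" writes its output while the page is still data. */
    memcpy(page, CODE, sizeof CODE);

    /* 3. Switch to read+execute; write permission is dropped in the same call. */
    if (mprotect(page, len, PROT_READ | PROT_EXEC) != 0) {
        munmap(page, len);
        return -1;
    }
    __builtin___clear_cache((char *)page, (char *)page + sizeof CODE);

    int (*fn)(void) = (int (*)(void))(uintptr_t)page;
    int result = fn();
    munmap(page, len);
    return result;
}

int main(void) { printf("%d\n", jit_return_value()); return 0; }
```

A platform policy that denies step 3 to a process makes the helper return -1; that denial is the case the interpreter fallback mentioned above works around.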



