Subject: Re: veriexec (Re: CVS commit: src)
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <firstname.lastname@example.org>
Date: 10/01/2006 19:53:12
> > do you mean, if the interpreter is under a trusted path?
> > isn't it the same for veriexec?
> The interpreter is probably under a trusted path. But once executed, the
> input it gets (from stdin, for example) is untrusted -- because it's
> typed in by a user -- but is under a trusted path because it's
> (a solution from the far past used the immutable flag to distinguish
> interpreters, then marking them with a process flag meaning "can't read
> from stdin", and checking that flag where needed. I believe our way is
> much cleaner. :)
how does "our way" solve it?
is it related to the "direct"/"indirect" distinction? (it was my original