From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,INVALID_MSGID
	autolearn=no autolearn_force=no version=3.4.4
X-Google-Language: ENGLISH,ASCII-7-bit
X-Google-Thread: 103376,5882b8e137d950f8
X-Google-Attributes: gid103376,public
From: Wes Groleau <wwgrol@ftw.rsc.raytheon.com>
Subject: Re: DII COE bars Ada -> Java compilation
Date: 2000/04/07
Message-ID: <38EDE91D.C6A9EC19@ftw.rsc.raytheon.com>#1/1
X-Deja-AN: 608000956
Content-Transfer-Encoding: 7bit
References: <38EB3482.971747E4@lmco.com> <8cfg7m$qbd$1@nnrp1.deja.com>
X-Accept-Language: en,es,fr,pt
Content-Type: text/plain; charset=us-ascii
X-Complaints-To: news@ext.ray.com
X-Trace: bos-service2.ext.raytheon.com 955115808 151.168.144.162 (Fri,
 07 Apr 2000 09:56:48 EDT)
Organization: Raytheon Company
MIME-Version: 1.0
NNTP-Posting-Date: Fri, 07 Apr 2000 09:56:48 EDT
Newsgroups: comp.lang.ada
Date: 2000-04-07T00:00:00+00:00
List-Id: <comp.lang.ada>


> > .... such compilers may inadvertently bypass intended Java security
> > features."
> >
> > Is this a legitimate concern?  I can kinda see how it might be, since
> 
> I should hope not. If the security is built into the language rather
> than into the virtual machine, then anyone could bypass the security
> just by writing themselves a program in "bytecode assembly".

And in fact, one security report I read described a security hole that
could be exploited by a byte-code assembler but which was prevented by
a "correct" Java compiler.