From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on polar.synack.me
X-Spam-Level: 
X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham
	autolearn_force=no version=3.4.4
X-Google-Thread: 103376,af0c6ea85f3ed92d
X-Google-NewGroupId: yes
X-Google-Attributes: gida07f3367d7,domainid0,public,usenet
X-Google-Language: ENGLISH,ASCII
Received: by 10.68.238.198 with SMTP id vm6mr15898891pbc.3.1329778451777;
        Mon, 20 Feb 2012 14:54:11 -0800 (PST)
Path: 
 wr5ni49048pbc.0!nntp.google.com!news2.google.com!postnews.google.com!a15g2000yqf.googlegroups.com!not-for-mail
From: Adam Beneschan <adam@irvine.com>
Newsgroups: comp.lang.ada
Subject: Re: Arbitrary Sandbox
Date: Mon, 20 Feb 2012 14:52:51 -0800 (PST)
Organization: http://groups.google.com
Message-ID: 
 <7b1273f0-0e32-41bb-b338-841f05eef658@a15g2000yqf.googlegroups.com>
References: <9qac7gFk0nU1@mid.individual.net> <jhp0bh$fpn$1@speranza.aioe.org>
NNTP-Posting-Host: 66.126.103.122
Mime-Version: 1.0
X-Trace: posting.google.com 1329778451 24313 127.0.0.1 (20 Feb 2012 22:54:11
 GMT)
X-Complaints-To: groups-abuse@google.com
NNTP-Posting-Date: Mon, 20 Feb 2012 22:54:11 +0000 (UTC)
Complaints-To: groups-abuse@google.com
Injection-Info: a15g2000yqf.googlegroups.com; posting-host=66.126.103.122;
 posting-account=duW0ogkAAABjRdnxgLGXDfna0Gc6XqmQ
User-Agent: G2/1.0
X-Google-Web-Client: true
X-Google-Header-Order: ARLUEHNKC
X-HTTP-UserAgent: Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.0; WOW64;
 Trident/4.0; SLCC1; .NET CLR 2.0.50727; Media Center PC 5.0; .NET CLR
 3.5.21022; .NET CLR 3.5.30729; .NET CLR 3.0.30618; .NET4.0C),gzip(gfe)
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
Date: 2012-02-20T14:52:51-08:00
List-Id: <comp.lang.ada>

On Feb 18, 12:06=A0pm, tmo...@acm.org wrote:

> =A0 The Burroughs philosophy was to design hardware and software together=
,
> which included doing different kinds of checks in different, appropriate,
> places. =A0Bad code could be prevented by a correct compiler, so an
> arbitrary generator of bit streams couldn't call its output "executable
> code".  Indexing out of range couldn't be prevented by a compiler, so it
> was checked at run time by hardware. =A0And so forth.
> =A0 In five years supporting a B5500 at U of Wisconsin, I never saw a cor=
e
> dump caused by a compiler generating bad code.

You were lucky.  I seem to remember plenty of them when I worked as a
COBOL programmer on a 3500.

                        -- Adam