From: "Randy Brukardt"
Newsgroups: comp.lang.ada
Subject: Re: Arbitrary Sandbox
Date: Mon, 5 Mar 2012 19:06:06 -0600
Organization: Jacob Sparre Andersen Research & Innovation

"Robert A Duff" wrote in message news:wccvcn1nl0x.fsf@shell01.TheWorld.com...
...
>> Maybe so. But this is a different case, because memory protection and
>> segmentation support is already there. Why no high-level language uses
>> it?
>
> You mean "already there" in 386/pentium? Languages don't use it because
> it's inefficient, and because whatever segmentation can do can be done
> better by some combination of software and paging.

The only reason it is "inefficient" was because OSes didn't use it. That is, it was quite efficient on a 386 (the only big expense occurs when reloading segment registers, and that was something that occurred very rarely in the two-segment model we used). Nowadays, the segment prefixes themselves have become very expensive, and thus it's no longer practical to use the segments at all. Boo.

As far as "software" and "paging" being able to do anything, this makes no sense at all. Pages on the x86 architecture don't (or at least didn't until fairly recently) have any memory permissions associated with them, so it was impossible to use that to prevent executing data. Moreover, Unix-derived file formats had no practical way to tell the OS what was not executed (and the little information that exists was not used in any Unix or Windows system that I worked on prior to XPsp3).

As a practical matter, OSes made it completely impossible for a compiler to do anything in this area, even if it wanted to (as we strongly did -- we continued to use the DOS Extender compiler for development for a decade simply because it detected bugs a lot earlier than NT could - executing stack by mistake is extremely common). So sad.

And nowadays they're reinventing the wheel such that it still is impossible for a compiler to do much in this area, except a handful of very weak technologies like DEP.

Randy.