[fpc-pascal] Interesting discussion
Jonas Maebe
jonas.maebe at elis.ugent.be
Wed Feb 22 13:04:35 CET 2006
On 22 feb 2006, at 11:26, Michael Van Canneyt wrote:
>> I don't think there are many host OS'es out there which e.g. only
>> run signed applications. The fact is that for some purposes, none
>> of the current OS'es "does its job correctly" in that sense. Just
>> use the right tool for the job, I personally don't understand all
>> this hostility against managed environments (except as a reaction
>> against claims that they are always much better than unmanaged
>> environments, but overdoing it in the other direction isn't going
>> to get the discussion anywhere).
>
> Well, the very idea of a program running in a managed environment
> which by itself is also a managed environment seems like a waste of
> resources.
The environments have different management capabilities. The OS
manages the hardware and provides an interface between the hardware
and the software. These managed environments purely manage software.
They don't have a compatibility scourge to deal with, and therefore
can break paradigms which are widely in use but which are inherently
insecure (such as pointers) or which make programs unverifiable
(self-modifying code, data-in-code and code-in-data, code flow which is
impossible to determine etc).
> Secondly, too many links in the chain makes it easier for the chain
> to break...
I don't think a managed environment is easier to break than in case
you try to stuff all those things in an already existing environment.
> The advantage of running 'signed' applications also eludes me. Even so,
> provided you really want that, you could easily integrate that in the OS,
> without having a new managed environment...
Then you have to integrate it in every OS, bolting it onto
structures which were never designed for such things. It can be much
safer and sometimes even easier to start from scratch and build
something from the ground up which was made for this purpose. A bit
like the difference between adapting Turbo Pascal into a 32/64 bit
retargetable compiler (I wonder whether Borland wouldn't have
advanced faster if they started Delphi from scratch rather than
reusing stuff from TP in the beginning) and starting Free Pascal
(should that have been a possible choice back in the days).
Jonas