LWN.net Logo

Not logged in

Log in now

Create an account

Subscribe to LWN

Recent Features

LWN.net Weekly Edition for May 16, 2013

A look at the PyPy 2.0 release

PostgreSQL 9.3 beta: Federated databases and more

LWN.net Weekly Edition for May 9, 2013

(Nearly) full tickless operation in 3.10

Printable page
Weekly edition Kernel Security Distributions Contact Us Search
Archives Calendar Subscribe Write for LWN LWN.net FAQ Sponsors

Google's Native Client

Google's Native Client

Posted Jun 10, 2009 18:36 UTC (Wed) by Ford_Prefect (subscriber, #36934)
Parent article: Google's Native Client

"In addition, x86 programs can execute from data"

I don't understand why things like the NX bit [1] have not yet become on-by-default. Surely performance impact is either non-existent or fixable?

[1] http://en.wikipedia.org/wiki/NX_bit

(Log in to post comments)

Google's Native Client

Posted Jun 15, 2009 9:28 UTC (Mon) by forthy (guest, #1525) [Link]

Remember: One reason to actually have native code is to implement other languages. E.g. Lisp or Forth or Ocaml. These languages are interactive, so they can download additional code, compile and run it - to native code on fast implementations. Game engines have an AI subsystem, which is quite often written in such a language.

Of course it is impossible to prove such a thing as "safe" (or rather the reverse: It is easy to prove it as unsafe). Therefore I think the right thing to do for untrusted native code is indeed to sandbox the native code in a VM, and not to check the code itself - and rely on something like NX bit and disable "self-modifying code" (generated code is "self-modified").

Copyright © 2013, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds