Abstract: Type safety is the most common mechanism for securely running untrusted code from the Internet. When the untrusted code is written in a type-safe language like JavaScript, Java, or C#, the language's type system guarantees that the code cannot damage the user's computer (without the user's permission). This guarantee, however, rests on the correct enforcement of type safety, and a typical computer system has many components that must be trusted to enforce type safety. A bug in any one of these components could break security entirely: a buggy compiler could emit unsafe code, a buggy garbage collector could turn integers into unsafe pointers, a buggy operating system could overwrite a thread's context with untyped data, and a buggy device driver could instruct a device to overwrite typed memory with untyped data.
Publication Year: 2011
Publication Date: 2011-01-25
Language: en
Type: article
Indexed In: ['crossref']
Access and Citation
AI Researcher Chatbot
Get quick answers to your questions about the article from our AI researcher chatbot