I think the idea that the program can load files as code is insane in itself. There shouldn't be such a mechanism in an ideal world. The operating system would decide what you can actually load and load it for you.
How would you prevent that? If programs can load files into memory and execute data loaded into memory as code, they can load files as code. The former is necessary for obvious reasons, the latter for JIT.
It's also pointless. If a program can cause damage by loading harmful code it can also cause damage directly.
Restricting what programs can do is a great way to prevent experimentation and hinder progress.
>It's also pointless. If a program can cause damage by loading harmful code it can also cause damage directly.
It is not pointless, but it is also not perfect. That's why we have defense in depth. Where instead of having one perfect moat to protect the castle, you also have alligators and witches that turn people into frogs. :P
well, if you can’t make pages executable you can “just in time” it by interpreting and writing it to an optimized interpreter format i suppose (but it will be much slower)... as an example, see WKWebView vs UIWebView (from iOS)
>I think the idea that the program can load files as code is insane in itself. There shouldn't be such a mechanism in an ideal world.
What do you mean by loading files "as code". Do you mean setting the execute bit on memory pages? You need to have the appropriate permissions to do that, and a locked down system wide policy can prevent programs from doing that as well.
It's also pointless. If a program can cause damage by loading harmful code it can also cause damage directly.
Restricting what programs can do is a great way to prevent experimentation and hinder progress.