by caf
5162 days ago
The important part of the design - the bit that makes it achievable - is that it's not a general x86 VM. It only accepts a limited subset of valid x86 object code, a subset chosen to make validation a tractable problem. This requires a modified compiler be used. The unlikelihood that the original design was perfect is probably why they had the "Native Client Security Contest" a few years ago - and indeed independent researchers found several flaws. Personally, I'm a lot happier with it now that they've fixed everything that Mark Dowd could find wrong with it ;)