See, this is where knowing the history of bytecode formats since UNCOL would be relevant.

Burroughs (1961), https://en.wikipedia.org/wiki/Burroughs_Large_Systems

"In fact, all unsafe constructs are rejected by the NEWP compiler unless a block is specifically marked to allow those instructions. Such marking of blocks provide a multi-level protection mechanism."

"NEWP programs that contain unsafe constructs are initially non-executable. The security administrator of a system is able to "bless" such programs and make them executable, but normal users are not able to do this. (Even "privileged users", who normally have essentially root privilege, may be unable to do this depending on the configuration chosen by the site.) While NEWP can be used to write general programs and has a number of features designed for large software projects, it does not support everything ALGOL does."

CLR (2001) https://learn.microsoft.com/en-us/dotnet/framework/tools/pev...

"Normally, code that is not verifiably type safe cannot run, although you can set security policy to allow the execution of trusted but unverifiable code."

IBM i (nee AS/400) https://medium.com/@dhemanthc/ibm-i-architecture-how-timi-an...

"SLIC enforces IBM i’s unique object-based model. Rather than managing raw memory locations or file descriptors, all resources (programs, files, queues, data areas, libraries) are managed as named objects with properties, ownership, and permissions. This object model permeates everything in IBM i, from file systems to program calls."

Aka capabilities, and what the CHERI project is pushing for as a means to fix C and C++ code at the hardware level.