ABSTRACT

This chapter deals with checking the safety of executing code obtained from an untrusted source. Such a scenario is fairly common with the increasing popularity of the Internet, and with the arrival of the programming language Java it is likely to become even more common: applets and plug-ins are routinely downloaded and executed. The characteristic feature of this kind of activity, as far as this chapter is concerned, is that the code very often comes from a third party who may be an untrusted source. We call the person who has produced the code the code producer and the person who uses the program the code consumer. The problem that is the topic of this chapter is as follows: how does the code consumer ensure that the code producer's code does not, either maliciously or inadvertently, corrupt the consumer's system resources? Note that we allow a weaker interpretation of the word corrupt: rather than proactively causing harm to the consumer's system, the foreign code may simply acquire resources without releasing them. The process of ensuring the safety of the code consumer's system is called safety checking.