
Type-Safe Languages


All of the vulnerabilities described here result from the lack of type safety in C. If the only operations that can be performed on a variable are those described by the type, then it is not possible to use creative input applied to variable foo to make arbitrary changes to the variable bar.
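The point above in code, as an added example that is not taken from the paper: the struct `record` and the functions `set_foo_unchecked`, `set_foo_checked` and `bar_after` are hypothetical names chosen for illustration. Placing `foo` and `bar` in one struct stands in for two adjacent variables, and the unchecked write is clamped to that struct so the program stays well defined.

```c
#include <stddef.h>
#include <string.h>

/* Constructed record: foo and bar share one object, much as two
 * local variables share a stack frame. */
struct record {
    char foo[8];
    int  bar;
};

/* C-style copy that trusts the caller's length. The write is clamped to
 * the struct so the demonstration stays inside one object, but nothing
 * stops it from running past foo and into bar. */
void set_foo_unchecked(struct record *r, const void *in, size_t len)
{
    unsigned char *base = (unsigned char *)r + offsetof(struct record, foo);
    size_t room = sizeof *r - offsetof(struct record, foo);
    memcpy(base, in, len < room ? len : room);
}

/* The rule a type-safe language enforces for the programmer: an
 * operation on foo may only touch foo.
 * Returns 0 on success, -1 if the input does not fit. */
int set_foo_checked(struct record *r, const void *in, size_t len)
{
    if (len > sizeof r->foo)
        return -1;
    memcpy(r->foo, in, len);
    return 0;
}

/* Returns the value of bar after 12 constructed input bytes have been
 * applied to foo, through the checked or the unchecked path. */
int bar_after(int checked)
{
    struct record r = { "", 1 };
    unsigned char input[12];
    memset(input, 0x41, sizeof input);   /* constructed sample input */
    if (checked)
        (void)set_foo_checked(&r, input, sizeof input);
    else
        set_foo_unchecked(&r, input, sizeof input);
    return r.bar;
}
```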

Type safety is one of the foundations of the Java security model. Unfortunately, errors in the Java type-checking system are one of the ways that Java programs and Java virtual machines can be attacked [5, 20]. If the correctness of the type-checking system is in question, then programs that depend on it for security can benefit from these techniques in much the same way that type-unsafe programs do. Applying StackGuard techniques to Java programs and Java virtual machines may yield beneficial results.

Crispin Cowan
Tue Dec 9 16:04:30 PST 1997