John Simmons, Linux, and managed code
-
In the "Java 1.5 vs C# 2.0" thread I mentioned yesterday in the lounge, I was accused by CP frequenter John Simmons of being "way worse than any Linux zealot" and a "junior programmer" who is "new at this programming stuff" hehe. :-) Part of the discussion lead to managed code vs unmanaged code. One of the points I raised for managed code was that the CLR can control permissions for any managed assembly, effectively assuring code is safe to run. If we had a totally managed environment where the CLR could verify code as safe, malware around the web would be diminished, was my argument. I base that argument on the fact that right now most IE+Windows based machines can get spyware, trojans, dialers, what have you; as it's all-or-nothing security with unmanaged code. With managed code things would be different, I argued. John replied with the following bit: Prove it. Right now. What's that you say? Only theory that hasn't been put to the test yet? You are new at this programming stuff, aren't you... So I threw a simple example together, where software running in IE+Windows is placed on a website (similar to how ActiveX controls work, only this time it's managed). Please view the result of my experiment at this link. Requires IE and .NET 1.1. That said, guess I just wanted to post this for all to see since it's kinda cool to see what the CLR really can do after reading so much about CAS, it's not really used all that much today. This post isn't meant to shame anybody, I just figured why not show off the demo to everybody in the Lounge since the original post is buried by now. :-) No hard feelings John, I like to argue about tech and it's good to hear other points of view. Judah Himango
Judah, you seem to be an intelligent, likeable sorta guy, so i'm gonna give you a few bits of advice IRT this site:
- We, for the most part, are working programmers. Keep that in mind as you read on.
- A lot of us are here to relax. Hence the name of this forum. Being working programmers, we can't just go sit in a hot tub (it tends to ruin laptops), so we come here.
- A lot of us are here to find solutions to problems we face while working. Hence the name of the site (note that it doesn't contain the words "IT", "Systems", "OSDN", or "Ziff-Davis" anywhere in the title)
- A lot of us are here to share what we've learned with others. Hence the high signal-to-noise ratio in the articles. The highest-quality articles go to great lengths to explain, not just how, but also why. This is a powerful combination, and tends to make articles on other sites look dull and greasy by comparison. It's also lemony-fresh.
- While a good many of us are fond of flame wars, pissing contests, slow-speed fishing, and other entertaining wastes of time, we already know the sites where these things can be found, and if we must bring them around here are willing to leave them confined to The Soapbox.
Understand what i'm getting at? For the most part, if someone is reading this site, they're already sold on CLR/C# - there just isn't that much here for Java folk. At very least, they're gonna know what it's about, since they stand surrounded by articles on the subject. And for those of us using C++/MFC, we have damn good reasons for doing so, and don't need to be fed propaganda re-hashed from the marketing spout of every new language in the past 20 years. As i stated originally, you seem an intelligent and likeable fella. The test (which does nothing in FireFox btw ;) ) would (if combined with a nice essay detailing how and why it works along with potential) probably make a nice article. But do us all a favor, please - leave the slashdot attitude at slashdot. We're working programmers, not basement zealots. :)
You**'r**e one mi -
Judah, you seem to be an intelligent, likeable sorta guy, so i'm gonna give you a few bits of advice IRT this site:
- We, for the most part, are working programmers. Keep that in mind as you read on.
- A lot of us are here to relax. Hence the name of this forum. Being working programmers, we can't just go sit in a hot tub (it tends to ruin laptops), so we come here.
- A lot of us are here to find solutions to problems we face while working. Hence the name of the site (note that it doesn't contain the words "IT", "Systems", "OSDN", or "Ziff-Davis" anywhere in the title)
- A lot of us are here to share what we've learned with others. Hence the high signal-to-noise ratio in the articles. The highest-quality articles go to great lengths to explain, not just how, but also why. This is a powerful combination, and tends to make articles on other sites look dull and greasy by comparison. It's also lemony-fresh.
- While a good many of us are fond of flame wars, pissing contests, slow-speed fishing, and other entertaining wastes of time, we already know the sites where these things can be found, and if we must bring them around here are willing to leave them confined to The Soapbox.
Understand what i'm getting at? For the most part, if someone is reading this site, they're already sold on CLR/C# - there just isn't that much here for Java folk. At very least, they're gonna know what it's about, since they stand surrounded by articles on the subject. And for those of us using C++/MFC, we have damn good reasons for doing so, and don't need to be fed propaganda re-hashed from the marketing spout of every new language in the past 20 years. As i stated originally, you seem an intelligent and likeable fella. The test (which does nothing in FireFox btw ;) ) would (if combined with a nice essay detailing how and why it works along with potential) probably make a nice article. But do us all a favor, please - leave the slashdot attitude at slashdot. We're working programmers, not basement zealots. :)
You**'r**e one miShog, I will have to learn to keep Linux posts in the Soapbox then. :-) The only reason I posted here was as a follow-up to the Lounge post yesterday, after researching and discovering some CAS stuff after work yesterday (yes I am a working programmer too hehe), I was anxious to post the results of my research for all to see. I'm sorry if you're offended at my research, being a member of the C++/MFC group of which I am formerly a part, I understand your situation. To address your points (sorry for bad formatting, running in Firefox here), We, for the most part, are working programmers. -As am I. Did this research after work yesterday and posted here this morning. A lot of us are here to relax. Hence the name of this forum. Being working programmers, we can't just go sit in a hot tub (it tends to ruin laptops), so we come here. -My laptop is waterproof. ;-) Seriously, it is my mistake to post a managed vs unmanged code with example in the lounge. Next time the soapbox or an article, I promise. :-) A lot of us are here to find solutions to problems we face while working. You come here to find solutions. I discovered a solution and posted the results of my research. A lot of us are here to share what we've learned with others. Exactly! My reason for posting my research. But do us all a favor, please - leave the slashdot attitude at slashdot. I'm sorry if there was any attitude in my post, it wasn't intentional. I was careful not to insult or make inflammatory remarks, only post my research and the reason for doing it.
-
Not directly, but it sounds a bit like you were gloating is all. BW The Biggest Loser
"Farm Donkey makes us laugh.
Farm Donkey hauls some ass."
-The StovesIt was not the intent to gloat. I posted a background to why I did the research, then the result of the research. I meant no gloating or attitude in the post. Judah Himango
-
In the "Java 1.5 vs C# 2.0" thread I mentioned yesterday in the lounge, I was accused by CP frequenter John Simmons of being "way worse than any Linux zealot" and a "junior programmer" who is "new at this programming stuff" hehe. :-) Part of the discussion lead to managed code vs unmanaged code. One of the points I raised for managed code was that the CLR can control permissions for any managed assembly, effectively assuring code is safe to run. If we had a totally managed environment where the CLR could verify code as safe, malware around the web would be diminished, was my argument. I base that argument on the fact that right now most IE+Windows based machines can get spyware, trojans, dialers, what have you; as it's all-or-nothing security with unmanaged code. With managed code things would be different, I argued. John replied with the following bit: Prove it. Right now. What's that you say? Only theory that hasn't been put to the test yet? You are new at this programming stuff, aren't you... So I threw a simple example together, where software running in IE+Windows is placed on a website (similar to how ActiveX controls work, only this time it's managed). Please view the result of my experiment at this link. Requires IE and .NET 1.1. That said, guess I just wanted to post this for all to see since it's kinda cool to see what the CLR really can do after reading so much about CAS, it's not really used all that much today. This post isn't meant to shame anybody, I just figured why not show off the demo to everybody in the Lounge since the original post is buried by now. :-) No hard feelings John, I like to argue about tech and it's good to hear other points of view. Judah Himango
As a fan of the .NET environment, I think you're using the wrong arguments for proving the need of a managed environment. It's entirely possible for an OS to control API calls, in the very same way the CLR controls FX calls via CAS. Past experiments in some OSes proved that it's even possible doing it without affecting application performance, since you can provide pre-loaded descriptor tables (you can imagine it as an array of delegates, in the C# world) for OS calls which map to the real function, to a reduced function, or to an 'access denied' function. MS mentioned doing it on the past, but I guess (it's only a guess) they don't want to do it because it would defeat Windows XP/2003 performance gains with the use of SYSENTER/SYSCALL instructions for API calls, as each application would need different code segment descriptors. OTOH, doing these checks in-process on userland as it's done by Java and .NET is both: 1. Unreliable - as userland code can theoretically overwrite userland code/buffers either by feature or by bug in code checker. 2. Slow - as there's no way to detect that the user switched to 'risky' code (e.g., in Win32, an int 2E signals this), any userland code like the CLR needs to check every call, at least for the first time the call is made. Depending on the program structure, the JIT has no option other than forcing the CLR to check every call during the whole program execution. This is sloooowww.... Managed environments are all about productivity and less knowledge of the underlying platform. Not about platform independence, speed, security, or memory leaks which are common arguments used to justify those environments. Yes, even I am blogging now!
-
As a fan of the .NET environment, I think you're using the wrong arguments for proving the need of a managed environment. It's entirely possible for an OS to control API calls, in the very same way the CLR controls FX calls via CAS. Past experiments in some OSes proved that it's even possible doing it without affecting application performance, since you can provide pre-loaded descriptor tables (you can imagine it as an array of delegates, in the C# world) for OS calls which map to the real function, to a reduced function, or to an 'access denied' function. MS mentioned doing it on the past, but I guess (it's only a guess) they don't want to do it because it would defeat Windows XP/2003 performance gains with the use of SYSENTER/SYSCALL instructions for API calls, as each application would need different code segment descriptors. OTOH, doing these checks in-process on userland as it's done by Java and .NET is both: 1. Unreliable - as userland code can theoretically overwrite userland code/buffers either by feature or by bug in code checker. 2. Slow - as there's no way to detect that the user switched to 'risky' code (e.g., in Win32, an int 2E signals this), any userland code like the CLR needs to check every call, at least for the first time the call is made. Depending on the program structure, the JIT has no option other than forcing the CLR to check every call during the whole program execution. This is sloooowww.... Managed environments are all about productivity and less knowledge of the underlying platform. Not about platform independence, speed, security, or memory leaks which are common arguments used to justify those environments. Yes, even I am blogging now!
My argument wasn't solely CAS as the reason, I just mentioned managed code has improved security over unmanaged code because it can be run in a sandbox and not force the user into an all-or-nothing situation. The point of the research was to give a working example of safely running managed code in a sandbox. Judah Himango
-
Shog, I will have to learn to keep Linux posts in the Soapbox then. :-) The only reason I posted here was as a follow-up to the Lounge post yesterday, after researching and discovering some CAS stuff after work yesterday (yes I am a working programmer too hehe), I was anxious to post the results of my research for all to see. I'm sorry if you're offended at my research, being a member of the C++/MFC group of which I am formerly a part, I understand your situation. To address your points (sorry for bad formatting, running in Firefox here), We, for the most part, are working programmers. -As am I. Did this research after work yesterday and posted here this morning. A lot of us are here to relax. Hence the name of this forum. Being working programmers, we can't just go sit in a hot tub (it tends to ruin laptops), so we come here. -My laptop is waterproof. ;-) Seriously, it is my mistake to post a managed vs unmanged code with example in the lounge. Next time the soapbox or an article, I promise. :-) A lot of us are here to find solutions to problems we face while working. You come here to find solutions. I discovered a solution and posted the results of my research. A lot of us are here to share what we've learned with others. Exactly! My reason for posting my research. But do us all a favor, please - leave the slashdot attitude at slashdot. I'm sorry if there was any attitude in my post, it wasn't intentional. I was careful not to insult or make inflammatory remarks, only post my research and the reason for doing it.
I do apologize, my last post came off as a bit of a put-down - this was not my intention. I was struck by the tone of several posts yesterday (not just yours, but that set it off), which seemed rather dismissive of C++ ("C#, Java, and higher level languages are truely a much better option if you're writing enterprise apps, GUI apps, high level software, and software that cannot be granted full blown access to my computer's resources", "given that you can code in C# using 5 lines what would've taken 20 or 30 in C++" - both very broad assertions that smacked of marketese); i assumed when reading your post today that you were attempting to dredge up this tired argument again. Upon revisiting yesterday's thread, i found i'd missed a good bit of the discussion between JS and yourself - indeed, today's post was more or less demanded. That out of the way, congratulations on having the ambition to actually go and try to demonstrate what you were claiming. Wrong or right, more is accomplished this way than in arguing. :-D
You**'re one microscopic cog** in his catastrophic plan... -
I do apologize, my last post came off as a bit of a put-down - this was not my intention. I was struck by the tone of several posts yesterday (not just yours, but that set it off), which seemed rather dismissive of C++ ("C#, Java, and higher level languages are truely a much better option if you're writing enterprise apps, GUI apps, high level software, and software that cannot be granted full blown access to my computer's resources", "given that you can code in C# using 5 lines what would've taken 20 or 30 in C++" - both very broad assertions that smacked of marketese); i assumed when reading your post today that you were attempting to dredge up this tired argument again. Upon revisiting yesterday's thread, i found i'd missed a good bit of the discussion between JS and yourself - indeed, today's post was more or less demanded. That out of the way, congratulations on having the ambition to actually go and try to demonstrate what you were claiming. Wrong or right, more is accomplished this way than in arguing. :-D
You**'re one microscopic cog** in his catastrophic plan...Thanks Shog. Next time, I'll take your advice and save things like this for an article or the soapbox. :-) Judah Himango
-
As a fan of the .NET environment, I think you're using the wrong arguments for proving the need of a managed environment. It's entirely possible for an OS to control API calls, in the very same way the CLR controls FX calls via CAS. Past experiments in some OSes proved that it's even possible doing it without affecting application performance, since you can provide pre-loaded descriptor tables (you can imagine it as an array of delegates, in the C# world) for OS calls which map to the real function, to a reduced function, or to an 'access denied' function. MS mentioned doing it on the past, but I guess (it's only a guess) they don't want to do it because it would defeat Windows XP/2003 performance gains with the use of SYSENTER/SYSCALL instructions for API calls, as each application would need different code segment descriptors. OTOH, doing these checks in-process on userland as it's done by Java and .NET is both: 1. Unreliable - as userland code can theoretically overwrite userland code/buffers either by feature or by bug in code checker. 2. Slow - as there's no way to detect that the user switched to 'risky' code (e.g., in Win32, an int 2E signals this), any userland code like the CLR needs to check every call, at least for the first time the call is made. Depending on the program structure, the JIT has no option other than forcing the CLR to check every call during the whole program execution. This is sloooowww.... Managed environments are all about productivity and less knowledge of the underlying platform. Not about platform independence, speed, security, or memory leaks which are common arguments used to justify those environments. Yes, even I am blogging now!
Man, I wish I could vote that a 10 or more. Oh well, a 5 will have to do :)
Ryan
"Punctuality is only a virtue for those who aren't smart enough to think of good excuses for being late" John Nichol "Point Of Impact"
-
Judah, you seem to be an intelligent, likeable sorta guy, so i'm gonna give you a few bits of advice IRT this site:
- We, for the most part, are working programmers. Keep that in mind as you read on.
- A lot of us are here to relax. Hence the name of this forum. Being working programmers, we can't just go sit in a hot tub (it tends to ruin laptops), so we come here.
- A lot of us are here to find solutions to problems we face while working. Hence the name of the site (note that it doesn't contain the words "IT", "Systems", "OSDN", or "Ziff-Davis" anywhere in the title)
- A lot of us are here to share what we've learned with others. Hence the high signal-to-noise ratio in the articles. The highest-quality articles go to great lengths to explain, not just how, but also why. This is a powerful combination, and tends to make articles on other sites look dull and greasy by comparison. It's also lemony-fresh.
- While a good many of us are fond of flame wars, pissing contests, slow-speed fishing, and other entertaining wastes of time, we already know the sites where these things can be found, and if we must bring them around here are willing to leave them confined to The Soapbox.
Understand what i'm getting at? For the most part, if someone is reading this site, they're already sold on CLR/C# - there just isn't that much here for Java folk. At very least, they're gonna know what it's about, since they stand surrounded by articles on the subject. And for those of us using C++/MFC, we have damn good reasons for doing so, and don't need to be fed propaganda re-hashed from the marketing spout of every new language in the past 20 years. As i stated originally, you seem an intelligent and likeable fella. The test (which does nothing in FireFox btw ;) ) would (if combined with a nice essay detailing how and why it works along with potential) probably make a nice article. But do us all a favor, please - leave the slashdot attitude at slashdot. We're working programmers, not basement zealots. :)
You**'r**e one miShog9 wrote: But do us all a favor, please - leave the slashdot attitude at slashdot. Shog, I wonder why you only said this to Judah, why not also to the guy who got Judah started on this in the first place? :rolleyes:
My blog on C++/CLI, MFC/Win32, .NET - void Nish(char* szBlog); My MVP tips, tricks and essays web site - www.voidnish.com
-
Shog9 wrote: But do us all a favor, please - leave the slashdot attitude at slashdot. Shog, I wonder why you only said this to Judah, why not also to the guy who got Judah started on this in the first place? :rolleyes:
My blog on C++/CLI, MFC/Win32, .NET - void Nish(char* szBlog); My MVP tips, tricks and essays web site - www.voidnish.com
-
Shog9 wrote: Who was that? Him!
My blog on C++/CLI, MFC/Win32, .NET - void Nish(char* szBlog); My MVP tips, tricks and essays web site - www.voidnish.com
-
In the "Java 1.5 vs C# 2.0" thread I mentioned yesterday in the lounge, I was accused by CP frequenter John Simmons of being "way worse than any Linux zealot" and a "junior programmer" who is "new at this programming stuff" hehe. :-) Part of the discussion lead to managed code vs unmanaged code. One of the points I raised for managed code was that the CLR can control permissions for any managed assembly, effectively assuring code is safe to run. If we had a totally managed environment where the CLR could verify code as safe, malware around the web would be diminished, was my argument. I base that argument on the fact that right now most IE+Windows based machines can get spyware, trojans, dialers, what have you; as it's all-or-nothing security with unmanaged code. With managed code things would be different, I argued. John replied with the following bit: Prove it. Right now. What's that you say? Only theory that hasn't been put to the test yet? You are new at this programming stuff, aren't you... So I threw a simple example together, where software running in IE+Windows is placed on a website (similar to how ActiveX controls work, only this time it's managed). Please view the result of my experiment at this link. Requires IE and .NET 1.1. That said, guess I just wanted to post this for all to see since it's kinda cool to see what the CLR really can do after reading so much about CAS, it's not really used all that much today. This post isn't meant to shame anybody, I just figured why not show off the demo to everybody in the Lounge since the original post is buried by now. :-) No hard feelings John, I like to argue about tech and it's good to hear other points of view. Judah Himango
Your post makes a good point. However, also notice that if people had their systems set up more securely this would also help, for instance using a normal user account rather than an administrator for day-to-day tasks. This is one of the biggest problem I see out in the wild. -- Andrew.