Re: The various levels of /CLI



Cool! Thanx, codekaizen! :)

[==Peter==]

"codekaizen" <codekaizen@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:35F37CB4-7612-4AAF-A6DB-F519286C17CD@xxxxxxxxxxxxxxxx


"Peter Oliphant" wrote:
Since my program doesn't compile as in '/CLI safe', what am I not 'getting' because of this?


CLI / Safe means that the resulting program is pure managed (only containing IL instructions, and no native CPU instructions), which is the same as CLI / Pure. The "extra" thing Safe adds is that the program is _verifiable_ by the runtime.

Verifiable code has certain advantages because it can be proven that claims about types and methods are always true. In unsafe code, you can't verify that a program won't access a type or memory location in a way that it wasn't designed to do, and therefore may have unpredictable effects. Native code is inherently unverifiable (since the runtime can only prove IL code compiled by the JIT [or NGen'd]), and pointers are also unverifiable (since you can do arbitrary arithmetic on them). Other languages which target the runtime (C# and VB) produce verifiable code by default or even exclusively. C++/CLI is much harder to do this with, and in my opinion isn't well suited for this task - native / managed interop is by far its greatest strength.

The big "loss" is that you have to run your app in "fully trusted" mode, which means that the code gets all the privileges the current logon session has been granted. If it were verifiable, it could also be made to run in a "partially trusted" mode, which gives the code fewer privileges than the logon session, making the system more secure, and therefore potentially useful in a wider variety of scenarios, such as from a partially trusted website.

