[prev in list] [next in list] [prev in thread] [next in thread] 

List:       e-lang
Subject:    Re: [e-lang] powerbox presentation
From:       Matej Kosik <kosik () fiit ! stuba ! sk>
Date:       2006-11-16 20:22:56
Message-ID: 455CC8A0.3040600 () fiit ! stuba ! sk
[Download RAW message or body]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Hello,

Mark S. Miller wrote:
> Matej Kosik wrote:
>> The security picture book by Marc Stiegler misses a slide about the
>> powerbox pattern (that is why I raised a ``simple question''
>> http://www.eros-os.org/pipermail/e-lang/2006-August/011460.html
>> some time ago).
>>
>> I quite enjoyed talking about it today to few other people and the
>> presentation is online.
>> http://altair.dcs.elf.stuba.sk/~kosik/latex/tex/powerbox-rants/
> 
> 
> Hi Matej,
> 
> These look great! One minor comment for now:
> 
> I notice that everywhere you have to keep repeating
> 
>      pragma.enable("easy-return")
>      pragma.disable("explicit-result-guard")
> 
> Sorry for this annoyance. With the soon to be posted 0.8.37c and all future 
> releases, all these should work fine with
> 
>      pragma.syntax("0.9")
> 
> which should be less annoying.
> 

I have made a note to update it when 0.9 will be available.

Since powerbox is a useful everywhere where it can be constructed, I
have added to the slides notes about powerbox in Pict. The same problem:

  run foreign code obtained in a source form
  and give it authority to print at most 20 characters
  at the standard output.

is solved (according to me) in Pict. Although E and Pict are different
languages (each of them makes something else more convenient), they can,
I believe, mutually simulate themselves (as opposed to lambda-calculus
which is able to describe only algorithms whereas pi-calculus is able to
describe systems with have some behavior, interact with its environment,
can be composed together, do not necessarily terminate). I am not sure
how much work would that be and whether it would make sense to try it.

Pict is a language formed (by Benjamin C. Pierce) by
- - restricting the original pi-calculus
  (there are only asynchronous sends (as opposed to
   synchronous sends in the original pi-calculus).
   Sends are asynchronous and unbuffered and there
   is no ordering enforced)
+ enriching it with various convenient syntactic suggar
+ enriching it with various primitive processes
  (integers are not encoded in the Church-like way
   but exist as primitives. To the outsider, there is no
   difference)
+ providing a whole bunch of useful library processes.
+ Pict compiler compiles Pict programs to native code
  (via generating C code)
+ adding statical type-checking to the pi-calculus
  (thus any well typed Pict program certainly has (some) sense)

The language is weird (everything is a process) but it is interesting.

The whole powerbox trick in Pict case is
- - not to link untrusted code with (unsafe) standard Pict library
- - reject code that contains `ccode' (it could be used for generating
  arbitrary C code)
- - reject code that contains `import' (it could be used for importing
  arbitrary Pict code wich could perhaps convey more authority than
  we are willing to grant).
I haven't studied all the language features and available nechanisms in
complete detail so there might be things I missed and which could/should
be banned too but due to its nature, Pict could also be useful in
security (and concurrency) field. The fact that the semantics of the
whole language is precisely defined is also appealing. The ability to
compile to native code is unexpected bonus.

Of course, Pict is only a programming language and thus there are
limitations what can be done within it (no way to influence "scheduling"
of "subprocesses").

Regards
- --
Matej Kosik
icq: 300133844
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org

iD8DBQFFXMifL+CaXfJI/hgRAnAFAKCHpmwGgQ77pgykuN9CKNqvdPCrHgCgwAVl
WK3Wkqjnbs6OcC5/be3favk=
=Xl6/
-----END PGP SIGNATURE-----
_______________________________________________
e-lang mailing list
e-lang@mail.eros-os.org
http://www.eros-os.org/mailman/listinfo/e-lang
[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic