[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Separating code and data
From:       "David A. Wheeler" <dwheeler () dwheeler ! com>
Date:       2014-10-08 2:41:03
Message-ID: E1XbhBX-0002tA-9n () rmm6prod02 ! runbox ! com
[Download RAW message or body]

On Tue, 7 Oct 2014 16:40:22 +0000, "Mehaffey, John" <John_Mehaffey@mentor.com> wrote:
> I think that separating code and data belongs on David's list of "Most Important
> Software Innovations" (www.dwheeler.com/innovation/innovation.html), although
> arguably the "Separating Text Content from Format" innovation is an example 
> of the class.

Ah!  Thanks for remembering my page!!  

It's certainly true that there are real security advantages to separating code and \
data.  This topic brings up the old Harvard architecture vs. Von Neumann architecture \
discussion.  However, I think that the idea of having separate code and data streams \
is actually much older than digital computers.  The Jacquard loom separated code and \
data, and that dates to 1801.  The innovation was actually probably the other way, \
Von Neumann's allowing their *combination* ("Baby" is usually considered the first \
working example).

--- David A. Wheeler


[prev in list] [next in list] [prev in thread] [next in thread]