TEAM-ADA Archives

Team Ada: Ada Programming Language Advocacy

TEAM-ADA@LISTSERV.ACM.ORG

Options: Use Classic View

Use Proportional Font
Show Text Part by Default
Show All Mail Headers

Topic: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
"Carlisle, Martin, Dr, DFCS" <[log in to unmask]>
Thu, 6 Apr 2000 09:29:18 -0600
text/plain (80 lines)
This seems quite bogus.  Security restrictions are not enforced by Java the
language, but instead by the Java Virtual Machine, which interprets the
bytecodes (and must detect illegal bytecodes).  Rationale is that you don't
want someone writing a Java compiler that doesn't enforce security (on
purpose, e.g.) and then have unsuspecting users run the illegal bytecodes.

Being a professor at the US Air Force Academy, I'd be happy to lend support,
or sign my name to such a document if you think it would help.

--Martin

----------------------------------------------------------
Martin C. Carlisle, PhD
Assistant Professor of Computer Science
US Air Force Academy
Managing Editor, SIGAda Ada Letters

-----Original Message-----
From: Criley, Marc A [mailto:[log in to unmask]]
Sent: Thursday, April 06, 2000 9:13 AM
To: [log in to unmask]
Subject: DII COE bars Ada -> Java compilation


I made the following postings on comp.lang.ada to get some general feedback,
and Britt Snodgrass subsequently suggested I repost them to Team Ada.

First the original posting:

--------------------------------------------------------------------

To Ada to JBC compiler vendors:

Section 8.2.3 (Miscellaneous) of the Defense Information Infrastructure
Common Operating Environment (DII COE) Integration & Run-Time
Specification (I&RTS) v4.0 states that "Developers shall not use
compilers designed to convert code developed in other languages (e.g.,
Ada, C++) to create Java byte-codes. This restriction is important
because such compilers may inadvertently bypass intended Java security
features."

Is this a legitimate concern?  I can kinda see how it might be, since
for instance Java forbids things like uninitialized objects (though I
vaguely recall some kind of exception to that), which Ada permits.  I
suspect I could probably come up with some other potential problems if I
dug into it.

If the Ada to JBC compilers do not introduce the security risks that the
I&RTS warns about, some educating is clearly called for.

Marc A. Criley

--------------------------------------------------------------------

After getting the hoped-for raising of wrath and ire, I followed up with
this:

--------------------------------------------------------------------

> Given the resounding repudiation of this prohibition against Ada (or
> other language) to Java compilers, I'd like to try to get it removed.
>
> Though I'm not working on a DII COE compliant program, I'm going to try
> to look at and work the process to get it removed.  If anyone
> (particularly among those responding) has any technical material, white
> papers, etc., with which to buttress this effort, I would be happy to
> incorporate those into this drive.
>
> Alternatively, if someone feels they're in a better position to attack
> this issue now that it's been identified, I'll defer to and support
> them.
>
> Thanks for the responses.
>
> Marc A. Criley
> Software Architect
> Lockheed Martin M&DS
> [log in to unmask]
>

ATOM RSS1 RSS2