How to talk to your parents about hardware memory safety (CHERI)
Some conversations are difficult to have with members of older generations who grew up with different social norms. In particular, when you’re talking to people who grew up with PDP-11s with their completely flat memory, or Lisp machines or Burroughs Large Systems with their deeply opinionated and language-integrated hardware memory safety, you may find it hard to talk about CHERI. This guide aims to help you have those conversations with the minimum of stress on both sides.
A language that has a notion of read-only views of objects could derive them automatically, but in C/C++ we expose the operations to remove (and check) capability permissions as built-in functions, so you can use them to build your own security policies.

The allocator hands out pointers to objects, marks them as free, and periodically triggers revocation, to ensure that no other component (irrespective of the language it's written in) can access them after they've been freed. In C, for example, we don't enforce stack temporal safety within a compartment because it's easy for static analysers to track this kind of bug when they can see all of the code, and it's a better security-performance tradeoff to recommend that people aim the gun slightly away from their foot.
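As an added illustration (not code from the original post or from the CHERI project), here is a plain-C model of the two mechanisms described above: monotonic permission removal that yields read-only views, and an allocator that quarantines freed objects until a revocation sweep clears the tag of every stale capability. The `cap_t` struct, the `PERM_*` bits and the `heap_*` functions are constructed for this model; real CHERI enforces this in hardware via compiler builtins, and its sweep scans memory rather than a registry.

```c
/* Constructed model of CHERI-style capabilities, not the CHERI ISA itself:
 * a pointer carries bounds, a permission mask and a validity tag. */
#include <stdbool.h>
#include <stddef.h>
#include <stdint.h>

enum { PERM_LOAD = 1u, PERM_STORE = 2u };

typedef struct {
    uint8_t *base;   /* start of the object */
    size_t   length; /* bounds: offsets 0..length-1 are accessible */
    unsigned perms;  /* PERM_* bits */
    bool     tag;    /* cleared by revocation; an untagged cap is unusable */
} cap_t;

/* Monotonic: a derived capability can only lose permission bits. */
static cap_t cap_perms_and(cap_t c, unsigned mask) { c.perms &= mask; return c; }
static bool  cap_has(cap_t c, unsigned p) { return c.tag && (c.perms & p) == p; }

static bool cap_store(cap_t c, size_t off, uint8_t v) {
    /* every store is checked against tag, permission and bounds */
    if (!cap_has(c, PERM_STORE) || off >= c.length) return false;
    c.base[off] = v;
    return true;
}

/* Toy allocator: a bump arena, a quarantine of freed objects, and a sweep over
 * a registry of capability locations (standing in for scanning all memory). */
static uint8_t arena[64];
static size_t  arena_top, nreg, nquar;
static cap_t  *registry[16];    /* places where capabilities are stored */
static cap_t   quarantine[16];  /* freed, but not yet reusable */

static cap_t heap_alloc(size_t n) {
    cap_t c = { arena + arena_top, n, PERM_LOAD | PERM_STORE, true };
    arena_top += n;
    return c;
}
static void heap_register(cap_t *slot) { registry[nreg++] = slot; }
static void heap_free(cap_t c) { quarantine[nquar++] = c; }

/* Revocation: clear the tag of every registered capability whose base lies
 * in a quarantined object, then release the quarantine. Returns the count. */
static size_t heap_revoke(void) {
    size_t revoked = 0;
    for (size_t q = 0; q < nquar; q++)
        for (size_t r = 0; r < nreg; r++) {
            cap_t *c = registry[r];
            uint8_t *lo = quarantine[q].base, *hi = lo + quarantine[q].length;
            if (c->tag && c->base >= lo && c->base < hi) { c->tag = false; revoked++; }
        }
    nquar = 0;
    return revoked;
}
```

Between `heap_free` and `heap_revoke` a stale copy still works, which is why the allocator must not reuse quarantined memory until the sweep has run.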