Stack inspection

• Security decisions in Java are made by searching the runtime call stack

  • this is an implementation dependent strategy
  • seemingly ad hoc
  • restricts compiler optimization

• All three vendors use variation of stack inspection

• Very little prior art

  • LISP dynamic binding
  • effective UID in unix

• How can this be formalized?

Previous slide

Next slide

Back to first slide

View graphic version