Tradeoffs in Retrofitting Security: An Experience Report

Mark S. Miller
Dynamic Languages Symposium, ACM (2007)


In 1973, John Reynolds’ and James Morris’ Gedanken language retrofitted object-capability security into an Algol-like base. Today, there are active projects retrofitting Java, JavaScript, Python, Mozart/Oz, OCaml, Perl, and Pict. These represent a variety of approaches, with different tradeoffs regarding legacy compatibility, safety, and expressivity. In this talk I propose a taxonomy of these approaches, and discuss some of the lessons learned to date.