Building Secure Systems using Programming Languages and Analysis

Resin questions

  1. An alternative approach to hacking the runtime to implement Resin is to use code rewriting, i.e., rewrite applications to perform the data flow tracking inline. What are 2-3 challenges with this approach? (Hint: some language features may make this more difficult than others.)

  2. What are some advantages and disadvantages to Resin’s policy specification approach when compared to label based approaches like LIO?