Rust is pretty uniquely positioned to explore using things like WASM for sandboxing steps of the build which are otherwise authored in Rust, like procedural macros:https://twitter.com/jedisct1/status/1183773459651989511 …
Well, the problem is that blocking compile time execution doesn’t prevent those crates from just doing those evil things at runtime instead.
-
-
Build-time attacks can be stealthier because they potentially avoid the forensic evidence that goes along with a trojan build artifacthttps://tonyarcieri.com/rust-in-2019-security-maturity-stability#sandboxing-for-code-classprettyprintbuildrsco_2 …
Thanks. Twitter will use this to make your timeline better. UndoUndo
-
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.