On Monday, 6 June 2016 at 21:57:20 UTC, Pie? wrote:
On Monday, 6 June 2016 at 21:31:32 UTC, Alex Parrill wrote:
But reading sensitive data at compile-time strikes me as
dangerous, depending on your use case. If you are reading
sensitive information at compile time, you are presumably
going to include that information in your binary (otherwise
why would you read it?), and your binary is not secure.
Not necessarily, You chased that rabbit quite far! The data
your reading could contain sensitive information only used at
compile time and not meant to embed. For example, the file
could contain login and password to an SQL database that you
then connect, at compile time and retrieve that information the
disregard the password(it is not needed at run time).
Accessing a SQL server at compile time seems like a huge abuse of
CTFE (and I'm pretty sure it's impossible at the moment). Why do
I need to install and set up a MySQL database in order to build
your software?
