On 10/12/2012 10:41 AM, Patrick Walton wrote:
This is bug #2628: https://github.com/mozilla/rust/issues/2628
After hacking on Servo I feel very strongly about this now. The vast
majority of exploitable crashes are in code that Rust considers safe. In
fact, I feel that if we *don't* do this, then we aren't any safer than
C++ in a practical sense, despite all our efforts. A security auditor
has to consider whether the target of every single call expression in
safe or unsafe code could possibly alias an extern "C" function.
+2
_______________________________________________
Rust-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/rust-dev
