+2
_______________________________________________
Rust-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/rust-dev
This is bug #2628:
https://github.com/mozilla/rust/issues/2628
After hacking on Servo I feel very strongly about this now. The vast
majority of exploitable crashes are in code that Rust considers safe. In
fact, I feel that if we *don't* do this, then we aren't any safer than
C++ in a practical sense, despite all our efforts. A security auditor
has to consider whether the target of every single call _expression_ in
safe or unsafe code could possibly alias an extern "C" function.
Patrick
_______________________________________________
Rust-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/rust-dev
