On Sun, Jan 19, 2014 at 4:17 AM, Daniel Micay <[email protected]> wrote: > > If there was a tiny subset of Rust it could be compiled down to with a > simpler backend (not LLVM), then I think you could talk seriously > about the language offering a secure sandbox. I don't think it is even > obtainable with a codebase as large as librustc/LLVM. A pretty high > number of issues in the Rust and LLVM trackers could be considered > security issues, and those are just the ones we know about.
Of course, the entire compiler still has to be free of vulnerabilities itself. Even if it targets a backend assumed to be correct, the attacker still has the entire surface area of libsyntax/librustc to play with. _______________________________________________ Rust-dev mailing list [email protected] https://mail.mozilla.org/listinfo/rust-dev
