On Sun, Sep 21, 2014 at 2:02 AM, Cameron Zwarich <zwar...@mozilla.com> wrote:
> The usual solution to this particular problem in typed languages is to
> make a new type wrapping sanitized strings, use some feature of the
> language (e.g. abstract types or module privacy) to restrict the creation
> of instances of this new type, and expose functions that produce an
> instance of this type by sanitization. I think that this is a better use of
> the language than using ‘unsafe’ in a confusing and unidiomatic way.

Definitely, a SQL driver should operate on a RawQuery or what have you.

> Rust doesn’t really provide any specific features for security beyond
> memory safety, but it should be possible to extend the language to support
> things like information-flow security, etc.

Yeah, the paper I linked describes using dependent types to do what is effectively taint checking by proof.

--
Tony Arcieri
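The pattern Cameron describes (a newtype for sanitized strings whose constructor is gated by module privacy, consumed by a driver that refuses raw strings) written out in Rust, as an added example that is not part of this thread. The names `Sanitized`, `sanitize_identifier`, `build_select` and `select_from_untrusted` are assumptions, and the sanitizer is a deliberately narrow identifier whitelist rather than a general SQL escaper.

```rust
// Added example, not from the thread: the newtype-with-private-constructor
// pattern. Module privacy is the only thing that gates construction of
// `Sanitized`, so the type checker, not code review, enforces that every
// value reaching the driver has passed through `sanitize_identifier`.

mod sanitized {
    /// A string that has passed through `sanitize_identifier`. The field is
    /// private, so code outside this module cannot build one by hand.
    #[derive(Debug, Clone, PartialEq, Eq)]
    pub struct Sanitized(String);

    impl Sanitized {
        /// Borrow the inner text. There is intentionally no `pub fn new`.
        pub fn as_str(&self) -> &str {
            &self.0
        }
    }

    /// Hypothetical sanitizer: accept only identifier-like input (ASCII
    /// alphanumerics and underscore, not starting with a digit) and reject
    /// everything else rather than trying to escape it.
    pub fn sanitize_identifier(input: &str) -> Result<Sanitized, String> {
        let ok = !input.is_empty()
            && input.chars().all(|c| c.is_ascii_alphanumeric() || c == '_')
            && !input.chars().next().unwrap().is_ascii_digit();
        if ok {
            Ok(Sanitized(input.to_string()))
        } else {
            Err(format!("rejected identifier: {:?}", input))
        }
    }
}

use sanitized::{sanitize_identifier, Sanitized};

/// Hypothetical driver entry point. It only accepts `Sanitized`, so passing
/// a raw `&str` here is a compile error, not a runtime bug.
pub fn build_select(table: &Sanitized, column: &Sanitized) -> String {
    format!("SELECT {} FROM {}", column.as_str(), table.as_str())
}

/// The only path from untrusted text to a query: sanitize, then build.
pub fn select_from_untrusted(table: &str, column: &str) -> Result<String, String> {
    let t = sanitize_identifier(table)?;
    let c = sanitize_identifier(column)?;
    Ok(build_select(&t, &c))
}

fn main() {
    // Constructed sample inputs: one accepted, one rejected.
    println!("{:?}", select_from_untrusted("users", "email"));
    println!("{:?}", select_from_untrusted("users;--", "email"));
}
```

The point of the design is that `build_select` has no way to receive unsanitized input: the wrapper type can only be produced inside `mod sanitized`, and the driver's signature names that type rather than `&str`. Extending the pattern to information-flow checking, as the quoted text suggests, would mean giving the untrusted side its own type too, so that neither direction of the flow is a plain string.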
_______________________________________________
Rust-dev mailing list
Rust-dev@mozilla.org
https://mail.mozilla.org/listinfo/rust-dev