On 14/02/18 21:36, Philip Stehlik via zapps-wg wrote: > Hey folks, > In case you were planning to use the go implementation for your upcoming > participation, be aware of this issue with go 1.9.4 -- > https://github.com/golang/go/issues/23739
I honestly think the Go developers are deluding themselves if they think that gcc and clang can be used on untrusted input just by sanitizing compiler and linker flags; they were never designed to be secure for untrusted input. That said, please report which compiler flags need to be whitelisted at <https://github.com/golang/go/issues/23749> -- Daira Hopwood ⚧Ⓐ