On 14/02/18 21:36, Philip Stehlik via zapps-wg wrote:
> Hey folks,
> In case you were planning to use the go implementation for your upcoming
> participation, be aware of this issue with go 1.9.4 --
> https://github.com/golang/go/issues/23739

I honestly think the Go developers are deluding themselves if they think
that gcc and clang can be used on untrusted input just by sanitizing
compiler and linker flags; they were never designed to be secure for
untrusted input.

That said, please report which compiler flags need to be whitelisted at

Daira Hopwood  ⚧Ⓐ

Reply via email to