[rust-dev] sandboxing Rust?

Daniel Micay danielmicay at gmail.com
Sun Jan 19 01:21:48 PST 2014


On Sun, Jan 19, 2014 at 4:17 AM, Daniel Micay <danielmicay at gmail.com> wrote:
>
> If there was a tiny subset of Rust it could be compiled down to with a
> simpler backend (not LLVM), then I think you could talk seriously
> about the language offering a secure sandbox. I don't think it is even
> obtainable with a codebase as large as librustc/LLVM. A pretty high
> number of issues in the Rust and LLVM trackers could be considered
> security issues, and those are just the ones we know about.

Of course, the entire compiler still has to be free of vulnerabilities
itself. Even if it targets a backend assumed to be correct, the
attacker still has the entire surface area of libsyntax/librustc to
play with.


More information about the Rust-dev mailing list