Hacker News .hnnew | past | comments | ask | show | jobs | submitlogin

That seems like a lot of hoops to jump through considering that rust allows arbitrary code execution during compile time anyway.


>> That seems like a lot of hoops to jump through considering that rust allows arbitrary code execution during compile time anyway.

If you mean build.rs build scripts, yes, those do run, but it is not arbitrary code. You can view and inspect them before building. If you need more security, you can download all the dependencies and build inside an isolated container.


> but it is not arbitrary code

uhh ya it is. There's also https://github.com/eleijonmarck/do-not-compile-this-code


No. The code in question is plainly visible in the crate:

https://github.com/eleijonmarck/do-not-compile-this-code/blo...

This is true for all third-party libraries. If you blindly download and execute code from the Internet, this is a risk you are assuming.

As I stated above, if you need more security, you can download all the dependencies and build inside an isolated container.


[flagged]


You can't post like this here, so I've banned the account.

If you don't want to be banned, you're welcome to email hn@ycombinator.com and give us reason to believe that you'll follow the rules in the future. They're here: https://hackernews.hn/newsguidelines.html.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: