"Don" <nos...@nospam.com> wrote: > I don't think it's quite the same. In a makefile, every executable is > listed, and so you can have some degree of control over it. But in this > scenario, the compiler is making calls to arbitrary shared libraries with > arbitrary parameters. > It means the compiler cannot be trusted *at all*.
You are right only partially - it's unsafe for browser language where code is taken from untrusted source. But this feature gives so much power to the macro sysrem - that I think is worth considering it. IMO, usually compiled code is run just after compilation (with the same prermissions as compiler) - so compiled code can make dangerous things and can't be trusted at all, but no one is worry about that. Yes compiler can't be *trusted* with this features, but if one knows what he is doing, why to prevent him - add option --enable-ctfe-DANGEROUS-features to allow potentially dangerous features then it wouldn't be so unexpected. Are those features hard to add to the current implementation?