On Sunday 29 September 2013 12:26:05 Callme Whatiwant wrote: > On Tue, Sep 10, 2013 at 12:39 AM, Marijn Haverbeke <[email protected]> wrote: > > The Rust team is aware of this possibility, and is guarding against it > > by keeping a log of checksums and source git revisions for the various > > versions of the compiler, so that compilers downloaded from the net > > can be checked, and we could, if something dodgy is found, back-track > > to a known trusted version of the compiler (or even all the way back > > to the OCaml bootstrap compiler, though that'd be a lot of work). > > > > It is theoretically possible that someone manages to sneak in a commit > > that adds an exploit to the compiler, but since patches are reviewed, > > that is not terribly likely to succeed. Also, Rust is a small target > > still, and it would be a marvelous feat of engineering to install a > > functioning exploit in a compiler that is being overhauled and changed > > all the time. > > It's great that the team considers this and has a plan. This kind of > attention to detail (including security detail) really attracts me to > rust! Keep it up. >
Another tack on (way of addressing) the problem would be a Rust-to-C++ (or other) code converter, thus allowing the Rust compiler to be built with GCC or another compiler using (hopefully reasonably) readable C++ (or other) code. Obviously converting Rust to C++ would lose out a lot of the compile-time safety and result in less readable code, but is it feasible? Such a converter would have other benefits too (such as making it easier to migrate away from Rust should the need arise and use some existing code analysis tools), hence my asking. I guess the standard library could be an issue, but there it would probably be easier to convert the library as a whole instead of porting code to a different library. Maybe tasks and a few other features would also present difficulties. Traits don't quite map to classes and generics don't quite map to templates. Has anybody thought more about this?
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ Rust-dev mailing list [email protected] https://mail.mozilla.org/listinfo/rust-dev
