Also, here's a paper that provides a formalized definition of security domains using dependent types:
https://research.microsoft.com/en-us/um/people/nswamy/papers/gradual-typing-embedded-securely-in-javascript-draft.pdf

Would love to see Rust get dependent types eventually... but hey, I get it, gotta ship 1.0 before anyone gets a pony? ;)

On Sun, Sep 21, 2014 at 1:41 AM, Tony Arcieri <[email protected]> wrote:
> I'd also note: having a way of calling out these sorts of cases explicitly
> is enormously beneficial to code reviewers. It provides an easily greppable
> way to find where to focus their attention. I assume it would be beneficial
> for static analysis tools as well.
>
> On Sun, Sep 21, 2014 at 1:39 AM, Tony Arcieri <[email protected]> wrote:
>
>> On Sun, Sep 21, 2014 at 1:34 AM, Daniel Micay <[email protected]> wrote:
>>
>>> It's not possible to represent the semantics of 'insecure' in the
>>> language as that's very poorly defined and varies across domains and
>>> libraries.
>>
>> I'd define it as "think before you use this"
>>
>> --
>> Tony Arcieri
>
> --
> Tony Arcieri

--
Tony Arcieri
_______________________________________________
Rust-dev mailing list
[email protected]
https://mail.mozilla.org/listinfo/rust-dev
