Allowing relative file imports

Walter Bright newshound1 at digitalmars.com
Fri Mar 27 11:14:26 PDT 2009


grauzone wrote:
> Conclusion: the compiler doesn't need to be safe. Actually, using a 
> sandbox approach is probably more secure than trying to fix all compiler 
> security issues.

I've been reading a bunch of articles on making secure software lately. 
The consensus is that relying on one aspect to make software secure 
leaves one vulnerable. The more reliable way is to have layered security 
- so that if an attacker gets past one layer, he's got another layer he 
must get past.

Compiler security issues should be addressed, *and* the compiler should 
be run in a sandbox.

I'm also thinking of adjusting the code generation to reduce the ability 
to take advantage of buffer overflows, even though you shouldn't have 
buffer overflows in D.
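As an added illustration of the first layer Walter describes (fixing the compiler-side issue rather than relying on the sandbox alone), here is a path-confinement check for file imports; it is example code written for this page, not DMD's code, and the allow-list of import roots is an assumed stand-in for whatever directory list a compiler accepts on its command line.

```python
"""Compiler-side layer: confine file imports to explicitly allowed roots."""
import os
import tempfile


class ImportRefused(Exception):
    pass


def resolve_import(requested: str, roots: list[str]) -> str:
    """Return the real path of `requested` if it lies inside one of `roots`.

    `requested` is what an import statement asks for, possibly relative and
    possibly containing `..` segments; `roots` are the directories the build
    explicitly allows (an assumed allow-list, not a real compiler flag).
    Symlinks are resolved before the check so a link placed inside a root
    cannot be used to read a file outside it.
    """
    real_roots = [os.path.realpath(r) for r in roots]
    for root in real_roots:
        candidate = os.path.realpath(os.path.join(root, requested))
        # commonpath avoids the '/srv/src' vs '/srv/srcX' string-prefix trap
        if os.path.commonpath([root, candidate]) == root and os.path.isfile(candidate):
            return candidate
    raise ImportRefused(f"import of {requested!r} is not inside any allowed root")


def demo() -> dict:
    """Build a throwaway tree (constructed sample data) and exercise the check."""
    base = tempfile.mkdtemp()
    root = os.path.join(base, "imports")
    os.makedirs(root)
    with open(os.path.join(root, "config.txt"), "w") as f:
        f.write("ok")
    secret = os.path.join(base, "secret.txt")  # lives outside the import root
    with open(secret, "w") as f:
        f.write("private")
    os.symlink(secret, os.path.join(root, "link_out"))  # symlink escaping the root
    results = {"plain": resolve_import("config.txt", [root])
               == os.path.realpath(os.path.join(root, "config.txt"))}
    for name, req in [("dotdot", "../secret.txt"), ("symlink", "link_out"), ("absolute", secret)]:
        try:
            resolve_import(req, [root])
            results[name] = False  # escape was allowed: check failed
        except ImportRefused:
            results[name] = True   # escape refused, as intended
    return results
```

Even with this check in place, the OS sandbox around the compiler process remains the second layer that catches whatever such a check misses.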


