extend pragma(msg) with writing to file
TheGag96
thegag96 at gmail.com
Mon Oct 10 05:03:06 UTC 2022
On Sunday, 9 October 2022 at 12:33:59 UTC, kdevel wrote:
> The D program P is compiled before another program Q is
> compiled, both on the same account. After compilation the
> programs are deployed to the production machine/account where
> the "more sensitive data" reside. By mere compilation P can
> alter the source code of Q. Though P is never executed in the
> production environment its code is run via Q.
>
> Note that for pure scripting languages (without separate
> compilation stage) this attack vector does not exist.
Again though, refer to my last post. We *already* have this
problem with basically all of our other build systems that way
have today. The world hasn't ended yet because of that, so we may
as well at the very least reduce the layers of tooling complexity
at the same time.
More information about the Digitalmars-d
mailing list