mixin D code into D code
Bill Baxter
dnewsgroup at billbaxter.com
Wed Feb 7 16:24:56 PST 2007
Pragma wrote:
> Vladimir Panteleev wrote:
>> Either way, allowing the compiler to run potentially dangerous code
>> should at least be optional (however [my] common sense would say that
>> it should be disallowed unless manually enabled). Imagine the problems
>> this would cause with remote compiling systems, for example at ACM
>> contests.
>
> I'm with you on that point.
>
> Take something like DSP: you have an embedded D compiler that is invoked
> in response to a change in a web-script written in D. Without being able
> to specify where these literal imports are coming from, the results
> could be disastrous.
But isn't DSP also going to *run* the resulting compiled code? If so
then you still have the exact same security issues.
--bb
More information about the Digitalmars-d
mailing list