Allowing relative file imports
Daniel Keep
daniel.keep.lists at gmail.com
Wed Mar 25 17:20:45 PDT 2009
Walter Bright wrote:
> Daniel Keep wrote:
>> If the code cannot set command-line switches, then there's no
>> difference, so let's ignore that case. Let's assume the code CAN set
>> switches. There's nothing to stop it doing this:
>
> It's a lot easier to scrub command line switches than to try to scrub D
> source code. It's the server that runs dmd, not the client.
>
> The rest of your proposal may be tight, I don't really know. I do wish
> to keep it, however, as simple as possible and the current scheme does
> that.
Sorry, poor choice of words. I should have said "Let's assume a
malicious party who either provided the code or knows how to exploit the
code can set switches."
I'm not proposing scrubbing the source in any way.
-- Daniel
More information about the Digitalmars-d
mailing list