extend pragma(msg) with writing to file
Andrey Zherikov
andrey.zherikov at gmail.com
Mon Oct 10 01:10:42 UTC 2022
On Saturday, 8 October 2022 at 19:57:35 UTC, kdevel wrote:
> On Saturday, 8 October 2022 at 13:28:54 UTC, Andrey Zherikov
> wrote:
> [...]
>>>> How does write access change the risk in principle?
>>>
>>> Nice try.
>>
>> Tis is not an answer to the question how does writing make
>> security risks higher comparing to existing reading.
>
> What about
>
> ```
> ~/.ssh/authorized_keys?
> ```
>
> or
>
> ```
> ~/.profile
> ~/.bashrc
> ```
>
> Now assume someone coaxes you to compile his code under your
> account. See the problem which does not exist if the compiler
> could only read those files?
I see what you mean and I agree with you that unrestricted
writing should not be allowed.
But I see that my question was a bit unclear so let me re-phrase
it. Right now D has restricted compile-time reading: you can read
a file only in a subdir of `-J` CLI parameter (if there is no
`-J` then DMD will error out). What additional security risks do
you see if writing has the same restrictions as reading: requires
command line option (error out otherwise) and be allowed to
create files under specified (by CLI) folder only?
More information about the Digitalmars-d
mailing list