@[email protected] to

[email protected]English • 1 year ago

What is going on with serde?

social.treehouse.systems

87

What is going on with serde?

social.treehouse.systems

@[email protected] to

[email protected]English • 1 year ago

So, serde seems to be downloading and running a binary on the system without informing the user and without any user consent. Does anyone have any background information on why this is, and how this is supposed to be a good idea?

dtolnay seems like a smart guy, so I assume there is a reason for this, but it doesn’t feel ok at all.

Chat

@[email protected]
link
fedilink
English
13•
edit-2
1 year ago
I saw some other crate doing something similar but using wasm, the idea is to sandbox the binary used as a proc macro. So that seems a bit better. Can’t see to find it any more.

EDIT: Found it https://lib.rs/crates/watt
- @Anders429
  link
  9•1 year ago
  Fun fact: the guy who wrote watt is the same guy who wrote serde.

[email protected]

[email protected]

You are not logged in. However you can subscribe from another Fediverse account, for example Lemmy or Mastodon. To do this, paste the following into the search field of your instance: [email protected]

Welcome to the Rust community! This is a place to discuss about the Rust programming language.

Wormhole

[email protected]

Credits

The icon is a modified version of the official rust logo (changing the colors to a gradient and black background)

93 users / day
109 users / week
322 users / month
1.76K users / 6 months
6.05K subscribers
885 Posts
3.71K Comments
Modlog