Stream: git-wasmtime

Topic: wasmtime / Issue #1842 mach backend: allow snapshotting I...


view this post on Zulip Wasmtime GitHub notifications bot (Jun 08 2020 at 15:38):

github-actions[bot] commented on Issue #1842:

Subscribe to Label Action

cc @bnjbvr

<details>
This issue or pull request has been labeled: "cranelift", "cranelift:area:aarch64", "cranelift:area:x64"

Thus the following users have been cc'd because of the following labels:

To subscribe or unsubscribe from this label, edit the <code>.github/subscribe-to-label.json</code> configuration file.

Learn more.
</details>

view this post on Zulip Wasmtime GitHub notifications bot (Jun 10 2020 at 13:12):

bnjbvr commented on Issue #1842:

This seems fine to me, but one question: are we sure this can't be a security hole in any sense? I mean, given that setting SERIALIZE_REGALLOC causes code to be dumped in some publically visible location (/tmp). Fine if it's developer only and will never be possible in production builds. I just wanted to check that, if there are security issues, they have been considered.

Definitely possible in production builds, but only oriented towards developers. I've made this a configurable path instead, as suggested before, and introduced a new feature flag for this. Thanks for the reviews!


Last updated: Dec 23 2024 at 12:05 UTC