Wasmtime GitHub notifications bot (Jun 08 2020 at 15:38): Wasmtime GitHub notifications bot (Jun 08 2020 at 15:38):github-actions[bot] commented on Issue #1842:
Subscribe to Label Action
cc @bnjbvr
<details>
This issue or pull request has been labeled: "cranelift", "cranelift:area:aarch64", "cranelift:area:x64"Thus the following users have been cc'd because of the following labels:
- bnjbvr: cranelift
To subscribe or unsubscribe from this label, edit the <code>.github/subscribe-to-label.json</code> configuration file.
Learn more.
</details>
Wasmtime GitHub notifications bot (Jun 10 2020 at 13:12):bnjbvr commented on Issue #1842:
This seems fine to me, but one question: are we sure this can't be a security hole in any sense? I mean, given that setting SERIALIZE_REGALLOC causes code to be dumped in some publically visible location (/tmp). Fine if it's developer only and will never be possible in production builds. I just wanted to check that, if there are security issues, they have been considered.
Definitely possible in production builds, but only oriented towards developers. I've made this a configurable path instead, as suggested before, and introduced a new feature flag for this. Thanks for the reviews!
Last updated: Nov 22 2024 at 16:03 UTC