Stream: git-wasmtime

Topic: wasmtime / issue #4174 Improve the `wasmtime` crate's README


view this post on Zulip Wasmtime GitHub notifications bot (May 20 2022 at 16:12):

cfallin commented on issue #4174:

Re: security -- if we can point to current efforts in addition to things-that-fully-exist-today, we could mention "We're also working with academic collaborators to fully formally verify our compilation pipeline", maybe?

It might also be worth mentioning that we follow best practices for security wrt guest code sandboxing, e.g. Spectre mitigations, and that we try to adopt defense-in-depth strategies where we can (extra guard regions, zeroing memory immediately after termination, using hardware CFI features to guard control flow, ...).

view this post on Zulip Wasmtime GitHub notifications bot (May 20 2022 at 16:40):

github-actions[bot] commented on issue #4174:

Subscribe to Label Action

cc @peterhuene

<details>
This issue or pull request has been labeled: "wasmtime:api", "wasmtime:docs"

Thus the following users have been cc'd because of the following labels:

To subscribe or unsubscribe from this label, edit the <code>.github/subscribe-to-label.json</code> configuration file.

Learn more.
</details>

view this post on Zulip Wasmtime GitHub notifications bot (May 20 2022 at 16:50):

alexcrichton commented on issue #4174:

I opted to also go ahead and merge security-sandboxing.md with security.md since security.md was otherwise empty. I additionall expanded the documentation with items you mentioned @cfallin. Finally I also tried to update some various documentation for #3704 to make sure relevant locations mention ahead-of-time where appropriate.


Last updated: Dec 23 2024 at 13:07 UTC