| ▲ | samatman a day ago | |||||||
Scenario A: A program has a memory vulnerability. That's bad, and the reason it's bad: attacker-controlled data can potentially trigger this vulnerability, which could even lead to privilege escalation. Scenario B: A program writes machine code in an executable region of memory, and the code has a memory vulnerability. That's bad, and the reason it's bad: attacker-controlled data can potentially trigger this vulnerability, which could even lead to privilege escalation. Scenario C: A program write machine code to disk, which is then read into memory and executed. That's bad, and the reason it's bad: attacker-controlled data can potentially trigger this vulnerability, which could even lead to privilege escalation. | ||||||||
| ▲ | dwattttt 19 hours ago | parent | next [-] | |||||||
Or scenario D: A text editor stores a URL in a location on disk, and another component then fetches and executes that with its current privileges. | ||||||||
| ||||||||
| ▲ | minraws 16 hours ago | parent | prev [-] | |||||||
How is that a memory safety issue in Rust compiler? What point are we making here. Am I just too dense to understand, is how the hell is that a need unsafe issue? Or anything to do with compilers??? | ||||||||