Are there plans add restrictions to cargo packages? Specifying what packages are allowed to access the file system and networking? I don't know how possible this is in Rust to add these restrictions
In nodejs people may have already heard of the event-stream package that was taken over by a malicious maintainer and then used to steal bitcoin by adding a hidden payload.
No comments:
Post a Comment