Feedback about an experiment to embed Python interpreter with FFI API

[Pedro Lamarão]

Em ter., 28 de dez. de 2021 às 09:07, Maxim Karpov <me at m-k.mx> escreveu:


> Malicious (or poorly written) program or application can do much more to
> crash the JVM or whole OS. Throwing an Error without a stack trace, calling
> System.exit or just doing `rm -rf /` or `rm -rf ${HOME}`, just to name a
> few. So, what else should we expect? --enable-system-exit?
> --enable-file-io?
> --enable-process-builder? --enable-override-stack-trace?


Yes, please!
It is easy enough for application provider's to prepare launch scripts with
everything necessary to run.
The inconvenience is not imposed on the user of the application but the
user of the programming environment.
To alleviate this person from the inconvenience of explicitly enabling
unsafety leads to the effective negation of the protections.
Example: https://www.infoq.com/news/2021/11/rudra-rust-safety/

-- 
Pedro Lamarão