undefined | Better HN

0 pointsGabriel4398y ago0 comments

However, the compiler/interpreter places an upper bound on the amount of code that we need to audit because it acts like a trusted kernel. We only need to audit the compiler/interpreter itself for safety and once we do so we can automatically trust all programs written in the language that it compiles/interprets

0 comments

marcosdumay8y ago

In a general case, the compiler acts as a sandbox. How much harm the malicious code can do depends on the specifics of how much IO it enables.

On the case of Dhall it's entirely safe, if you generalize it into a full OS equivalent system, you'd have to audit everything.

j / k navigate · click thread line to collapse

0 pointsGabriel4398y ago0 comments

0 comments

marcosdumay8y ago

In a general case, the compiler acts as a sandbox. How much harm the malicious code can do depends on the specifics of how much IO it enables.

On the case of Dhall it's entirely safe, if you generalize it into a full OS equivalent system, you'd have to audit everything.

j / k navigate · click thread line to collapse