Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

assist SES / Jessie users with Trojan Source risk? #923

Open
dckc opened this issue Nov 1, 2021 · 0 comments
Open

assist SES / Jessie users with Trojan Source risk? #923

dckc opened this issue Nov 1, 2021 · 0 comments
Assignees
@erights
Labels
confinement Pertaining to confinement of guest programs. kriskowal-review-2024-01 Issues that kriskowal wants to bring to the attention of the team for review as of January, 2024

Comments

@dckc
Copy link
Contributor

dckc commented Nov 1, 2021
edited
Loading

SES includes scans for some lexical forms (HTML comments, ...) that it cannot secure.

The Trojan Source risk does not seem directly relevant to the SES security model, but adding a scan to the Jessie lint rules or some such seems consistent with the goal of a dialect that "non-experts can use to write non-trivial non-exploitable smart contracts" and perhaps optional support in SES is cost-effective.

for reference:

cc @michaelfig @mhofman @kriskowal
@erights erights added the confinement Pertaining to confinement of guest programs. label Nov 1, 2021
@dckc dckc mentioned this issue Nov 3, 2021
Open
@kriskowal kriskowal added the kriskowal-review-2024-01 Issues that kriskowal wants to bring to the attention of the team for review as of January, 2024 label Jan 10, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@erights erights

Labels
confinement Pertaining to confinement of guest programs. kriskowal-review-2024-01 Issues that kriskowal wants to bring to the attention of the team for review as of January, 2024
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@kriskowal @dckc @erights