r? @pcwalton (rust_highfive has picked a reviewer for you, use r? to override)
hours indicating the next steps in handling your report. If you would like, you | ||
can encrypt your report using <a href="rust-key.gpg.ascii">our public key</a>. | ||
This key is also <a | ||
href="https://pgp.mit.edu/pks/lookup?op=vindex&search=0xEFB9860AE7520DAC">On |
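Review bot: the keyserver link on the last line of this excerpt looks the key up by its 64-bit key ID (0xEFB9860AE7520DAC), and the visible lines give a reporter no full fingerprint to compare against the downloaded rust-key.gpg.ascii or the keyserver result. Suggest printing the full key fingerprint in the page text next to these links so the key can be verified before a report is encrypted to it. The raw & between op=vindex and search= in the same href should also be written as the &amp;amp; entity.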
Please fix the unescaped & here and in the other pgp.mit.edu links
@jruderman why would this need to be escaped?
It needs to be `&amp;` instead of `&`, as it's part of an HTML attribute. In fact, if you open up http://www.rust-lang.org/security.html in Firefox and view the source, you'll see the `&` is highlighted in red right now because it's invalid.
I feel... really dumb. I guess I'm so used to frameworks generating this for me, that I always thought it would need to be escaped in text, but not as part of an `<a>`. https://validator.w3.org/check?uri=http%3A%2F%2Fwww.rust-lang.org%2Fsecurity.html&charset=%28detect+automatically%29&doctype=Inline&group=0 points this out too.
continued in #142
For what it’s worth, it’s an authoring requirement in the HTML spec to escape `&` there, but there’s also an implementation requirement in the spec for parsers to fix it up so that the end result is the same. So the concern is mostly theoretical.
Can we spell out explicitly that anything allowing breaking memory safety in safe Rust code is a security issue? It's unclear to me if the intention is just rustc & other applications and regular security holes in them (what that would be) or something more directly relating to the safety properties of the language itself. Also: Does it in that case apply to only the stable channel, or other channels too? If I don't get it, others might be confused as well.
@bluss I wanted to make the topic of what should be a security bug be an RFC we discuss, but have this page up in the meantime.
@brson other than the few nits, are you okay with merging this?
@steveklabnik yes
I merged this so we could see http://www.rust-lang.org/security.html , but it's not linked from anywhere yet. @jruderman, after I hear from you regarding the escaping issue, I'll make another PR linking it from the homepage.
Not quite ready to merge. We need the notifications mailing list, and for #120 to link to it, so we'll probably merge this shortly after that lands.