An idea to mitigate attacks through malicious crates

I think this is more or less the same idea I proposed here:

My observation was there's a common element uniting everything with effectful behavior (or otherwise relying on ambient authority, which is an effectful behavior): unsafe.

What I was ultimately suggesting was something where unsafe blocks are tied to something like cargo features, so feature labels like this could get applied, and crates consuming other crates could potentially opt in to any unsafe behaviors.

It'd end up looking a lot like this proposal, except it'd rely on something very close to the existing cargo features mechanism, and it'd be useful with any crate, including `std`.
