[PATCH] D70326: [docs] LLVM Security Group and Process
Jan Korous via Phabricator via llvm-commits
llvm-commits at lists.llvm.org
Fri Jul 10 12:43:32 PDT 2020
jkorous added inline comments.
================
Comment at: llvm/docs/Security.rst:204
+* Language front-ends, such as clang, for which a malicious input file can cause undesirable behavior. For example, a maliciously-crafter C or Rust source file can cause arbitrary code to execute in LLVM. These parts of LLVM haven't been hardened, and compiling untrusted code usually also includes running utilities such as `make` which can more readily perform malicious things.
+* *FUTURE*: this section will be expanded.
----------------
We should probably include tools that need to be run with elevated privileges of some sort. For example lldb getting root.
Repository:
rG LLVM Github Monorepo
CHANGES SINCE LAST ACTION
https://reviews.llvm.org/D70326/new/
https://reviews.llvm.org/D70326
More information about the llvm-commits
mailing list