Skip to content

Exploit mitigations applied by default are not documented #71098

New issue
New issue
Open
Open
Exploit mitigations applied by default are not documented#71098
Labels
A-docsArea: Documentation for any part of the project, including the compiler, standard library, and toolsA-securityArea: Security (example: address space layout randomization).C-enhancementCategory: An issue proposing an enhancement or a PR with one.PG-exploit-mitigationsProject group: Exploit mitigationsT-compilerRelevant to the compiler team, which will review and decide on the PR/issue.
@Shnatsel

Description

@Shnatsel
Shnatsel
opened on Apr 13, 2020

There seems to be no documentation on exploit mitigations in Rust, specifically:

  1. What exploit mitigations are supported?
  2. What mitigations are enabled by default?
    1. Is that answer different if building with cargo instead of rustc directly?
    2. Does that vary by platform?
  3. How to enable/disable specific mitigations?

This is relevant not only for security assessment, but also for performance comparison against other languages - both languages need to have the same exploit mitigations enabled for an apples-to-apples comparison.

Metadata

Metadata

Assignees

No one assigned

    Labels

    A-docsArea: Documentation for any part of the project, including the compiler, standard library, and toolsA-securityArea: Security (example: address space layout randomization).C-enhancementCategory: An issue proposing an enhancement or a PR with one.PG-exploit-mitigationsProject group: Exploit mitigationsT-compilerRelevant to the compiler team, which will review and decide on the PR/issue.

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions