wolf4ood@lemmy.ml to Rust Programming@lemmy.ml · 1 year agoRust Malware Staged on Crates.ioblog.phylum.ioexternal-linkmessage-square7fedilinkarrow-up168arrow-down15
arrow-up163arrow-down1external-linkRust Malware Staged on Crates.ioblog.phylum.iowolf4ood@lemmy.ml to Rust Programming@lemmy.ml · 1 year agomessage-square7fedilink
minus-squareLucky@lemmy.mllinkfedilinkarrow-up7·1 year agoAnother way to mitigate type squatting would be namespacing crates. Much easier to verify who owns the package and related packages
minus-squareVorpal@programming.devlinkfedilinkarrow-up2·1 year agoDoesn’t really help: what if you typo the namespace instead? Same exact issue. Namespaces are useful for other things though, but not security.
Another way to mitigate type squatting would be namespacing crates. Much easier to verify who owns the package and related packages
Doesn’t really help: what if you typo the namespace instead? Same exact issue. Namespaces are useful for other things though, but not security.