8145: Document our security stance r=matklad a=matklad

bors r+
🤖

Co-authored-by: Aleksey Kladov <aleksey.kladov@gmail.com>
bors[bot] 2021-03-22 10:56:37 +00:00 committed by GitHub
commit ad39959361
GPG key ID: 4AEE18F83AFDEB23

@ -516,6 +516,20 @@ See https://github.com/rust-analyzer/rust-project.json-example for a small examp
You can set `RA_LOG` environmental variable to `rust_analyzer=info` to inspect how rust-analyzer handles config and project loading.
== Security
At the moment, rust-analyzer assumes that all code is trusted.
Here is a **non-exhaustive** list of ways to make rust-analyzer execute arbitrary code:
* proc macros and build scripts are executed by default
* `.cargo/config` can override `rustc` with an arbitrary executable
* VS Code plugin reads configuration from project directory, and that can be used to override paths to various executables, like `rustfmt` or `rust-analyzer` itself.
* rust-analyzer's syntax trees library uses a lot of `unsafe` and hasn't been properly audited for memory safety.
rust-analyzer itself doesn't access the network.
The VS Code plugin doesn't access the network unless the nightly channel is selected in the settings.
In that case, the plugin uses the GitHub API to check for and download updates.
== Features
include::./generated_features.adoc[]
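
Review bot: The first bullet under `== Security` says proc macros and build scripts are executed "by default" but does not name the settings that turn that off, so a reader who has to open code they do not trust has nothing to act on; consider naming those settings or linking to the configuration section. The opening sentence would also benefit from stating the practical consequence of "assumes that all code is trusted", namely that untrusted projects should not be opened with rust-analyzer enabled, since the list is explicitly non-exhaustive and disabling individual features is therefore not a complete mitigation. In the last paragraph, it would help to say whether the updates downloaded through the GitHub API on the nightly channel are verified before they are installed, because that download is part of the same trust boundary this section documents.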