64
Rust Malware Staged on Crates.io (blog.phylum.io)
submitted 10 months ago by wolf4ood@lemmy.ml to c/rust@lemmy.ml
5 comments fedilink hide all child comments
you are viewing a single comment's thread
view the rest of the comments
[-] Lucky@lemmy.ml 7 points 10 months ago

Another way to mitigate type squatting would be namespacing crates. Much easier to verify who owns the package and related packages

[-] Vorpal@programming.dev 2 points 10 months ago

Doesn't really help: what if you typo the namespace instead? Same exact issue. Namespaces are useful for other things though, but not security.

this post was submitted on 24 Aug 2023
64 points (93.2% liked)

Rust Programming

7734 readers
1 users here now

founded 5 years ago
MODERATORS
nutomic@lemmy.ml
Joe@lemmy.ml
AgreeableLandscape@lemmy.ml