Those sound like features that will eventually lead to major security issues. | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		Yeroc on Feb 3, 2024 \| parent \| context \| favorite \| on: Pkl, a Programming Language for Configuration Those sound like features that will eventually lead to major security issues.

bioballer on Feb 3, 2024 [–]

I/O can be sandboxed via flags.

For example, see these CLI flags: https://pkl-lang.org/main/current/pkl-cli/index.html#common-...

And when using the different language bindings, you can specify sandboxing options directly in that library.

zelphirkalt on Feb 4, 2024 | [–]

How many people will run a malicious config at least once without the flags? At some point it becomes a numbers game.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact