michael/luau
michael
/
luau
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Update SECURITY.md 

Note that native code gen is currently exempt from any security guarantees as it's a pre-production R&D component right now. This will change in the future as we deploy it to production.
This commit is contained in:
Arseny Kapoulkine 2023-03-01 14:40:40 -08:00 committed by GitHub
parent 6601c41bff
commit 48172dd5b1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
SECURITY.md
View File

@ -1,6 +1,6 @@
# Security Guarantees # Security Guarantees
Luau provides a safe sandbox that scripts can not escape from, short of vulnerabilities in custom C functions exposed by the host. This includes the virtual machine and builtin libraries. Luau provides a safe sandbox that scripts can not escape from, short of vulnerabilities in custom C functions exposed by the host. This includes the virtual machine and builtin libraries. Notably this currently does *not* include the work-in-progress native code generation facilities.
Any source code can not result in memory safety errors or crashes during its compilation or execution. Violations of memory safety are considered vulnerabilities. Any source code can not result in memory safety errors or crashes during its compilation or execution. Violations of memory safety are considered vulnerabilities.