[cheesecake-users] Safety
Grig Gheorghiu
grig.gheorghiu at gmail.com
Mon May 19 09:04:31 PDT 2008
On Mon, May 19, 2008 at 8:56 AM, Noah Kantrowitz <kantrn at rpi.edu> wrote:
> Does cheesecake_index ever actually execute any code from the package
> it is scoring? I want to know if it would be safe to run it against
> completely unknown (and therefore potentially hostile) code.
>
Noah -- cheesecake_index doesn't execute any code. Everything is
inspected statically. Michal and I were planning on enhancing
Cheesecake with the capability of executing code (such as unit tests)
in a sandboxed environment, but that's for Cheesecake 3k :-)
Grig
More information about the cheesecake-users
mailing list