Meh, this is a defence in depth measure anyway Edit: also, the supported platforms are ARM and x86...

oncallthrow • yesterday at 4:54 PM • 2 replies • view on HN

Meh, this is a defence in depth measure anyway

Edit: also, the supported platforms are ARM and x86. If your code isn’t running on one of those platforms, you probably know what you’re doing.

Replies

ctoth • yesterday at 5:41 PM

Linux

Windows and MacOS?

Go is supposed to be cross-platform. I guess it's cross-platform until it isn't, and will silently change the semantics of security-critical operations (yes, every library builder will definitely remember to check if it's enabled.)

➕ show 1 reply

hypeatei • yesterday at 5:54 PM

> Meh, this is a defence in depth measure

Which is exactly why it should fail explicitly on unsupported platforms unless the developer says otherwise. I'm not sure how Go developers make things obvious, but presumably you have an ugly method or configuration option like:

  dangerousAllowSecretsToLeak()

...for when a developer understands the risk and doesn't want to panic.

➕ show 3 replies

alt Hacker News

Replies