Generate Rust JVM FFI wrappers around APIs defined by .jar or .class files, because maintaining your own hand-written bindings is an exercise in boredom, soundness bugs, and pain.
Currently, a maliciously crafted .jar can probably inject naughty code into the generated bindings. A proper parameterized API for writing code would do a lot to tighten up this security gap.
Of course, if you're using a maliciously crafted .jar, you're probably already pretty screwed on the security front - but if you're only running the outputs in a nicely constrained sandbox or other security context, I'd like to avoid contributing to any means of badware escaping said sandbox or security context.
Currently, a maliciously crafted
.jar
can probably inject naughty code into the generated bindings. A proper parameterized API for writing code would do a lot to tighten up this security gap.Of course, if you're using a maliciously crafted
.jar
, you're probably already pretty screwed on the security front - but if you're only running the outputs in a nicely constrained sandbox or other security context, I'd like to avoid contributing to any means of badware escaping said sandbox or security context.