Making Rust supply chain attacks harder with Cackle (2023)
Summary
The article discusses Rust supply chain attack risks and introduces Cackle, a code ACL tool that restricts which APIs a dependency may use and whether it may contain unsafe code. It explains how Cackle works, gives examples of API definitions, covers sandboxing, and shows how to integrate the tool into CI workflows to improve software supply chain security.