aboutsummaryrefslogtreecommitdiff
path: root/CAndC++.md
diff options
context:
space:
mode:
authorDominic Chen <d.c.ddcc@gmail.com>2016-07-11 21:34:03 -0700
committerJF Bastien <github@jfbastien.com>2016-07-11 21:34:03 -0700
commit62f30968a641ef6eb7f8cceadae232cea4ad7b4a (patch)
tree887d91745b8aee28176cfb67c7bdc44e64ef6a1e /CAndC++.md
parentf69ae0188a1905ee34d0a50f61d848759f5bcbf6 (diff)
downloadnanowasm-design-62f30968a641ef6eb7f8cceadae232cea4ad7b4a.tar.gz
Provide overview of security model (#717)
This commit introduces a discussion of WebAssembly's security model for both users and developers, though primarily targeted at latter. Resolves #205.
Diffstat (limited to 'CAndC++.md')
-rw-r--r--CAndC++.md8
1 files changed, 4 insertions, 4 deletions
diff --git a/CAndC++.md b/CAndC++.md
index c7c9694..236672c 100644
--- a/CAndC++.md
+++ b/CAndC++.md
@@ -95,10 +95,10 @@ And in practice, popular C and C++ compilers do optimize on the assumption that
alignment rules are followed, meaning that they don't always preserve program
behavior otherwise.
-On WebAssembly, the primary invariants
-[are always maintained](Nondeterminism.md). Demons can't actually fly out your
-nose, as that would constitute an escape from the sandbox. And, callstacks can't
-become corrupted.
+On WebAssembly, the primary [nondeterminism](Nondeterminism.md) and
+[security](Security.md) invariants are always maintained. Demons can't actually
+fly out your nose, as that would constitute an escape from the sandbox. And,
+callstacks can't become corrupted.
Other than that, programs which invoke undefined behavior at the source language
level may be compiled into WebAssembly programs which do anything else,