In my humble opinion, when a remote code execution vulnerability appears in an application written in a memory safe language, you know you’ve chosen the wrong way to model a problem.
The art of writing code is defining the problem space, which is avoided completely when you allow the consumer of your interface to execute arbitrary code. The whole point of interfaces is to restrict the possible actions of a consumer of it — i.e. the inverse of arbitrary remote code execution — which is the hard part of software design.
The art of writing code is defining the problem space, which is avoided completely when you allow the consumer of your interface to execute arbitrary code. The whole point of interfaces is to restrict the possible actions of a consumer of it — i.e. the inverse of arbitrary remote code execution — which is the hard part of software design.