Guidelines/philosophy for new operations, including security principles #242
Labels
security-tracker
Group bringing to attention of security, or tracked by the security Group but not needing response.
Comments
anssiko
added
the
security-tracker
|
The group discussed this issue and agreed to add "secure by design" guidelines to the spec (possibly to the MLOperand section, cross-linked to dedicated security section as appropriate). Related, we received general guidelines from the ONNX project and will incorporate also this perspective along with the security-focused guidelines. |
anssiko
added a commit
that referenced
this issue
Feb 17, 2022
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
The universe of operations supported by this spec is likely to grow in the future.
To ensure that new operators are shaped in a way that they can be implemented securely, it would be good to include some general guidelines/philosophy on how ops are defined to reduce potential for ops to result in implementation problems.
For instance, avoid reshaping tensors, simplicity of arguments, no parsers for complex data formats.
The text was updated successfully, but these errors were encountered: