
Cackle blocks Rust supply-chain attacks with per-crate API whitelisting

davidlattimore.github.io · @patient_dolphin · 3 hours ago · Developer Tools · 5 comments

A new Rust tool, cargo-acl, lets you define which crates can use filesystem, network, or process APIs - catching malicious packages that suddenly start phoning home.


250 indirect dependencies per project, and any one of them can turn your binary into a data siphon. David Lattimore's Cackle (cargo-acl) doesn't just audit your lockfile - it checks which crates actually use network, filesystem, or process APIs and flags those that shouldn't.

How a Rust crate turns into a backdoor

Lattimore walks through a fictional but painfully realistic attack: Alex maintains a Rust tool with ~20 direct and ~250 indirect dependencies. One transitive dep, foobar, gets a new maintainer named Bob who ships an update that calls std::net::TcpStream::connect and exfiltrates a client user database. By the time Alex pins the old version, reputational damage is done.

This isn't hypothetical. Python and Node.js ecosystems see supply-chain attacks regularly. Rust's crate registry is still relatively safe, but the attack surface grows with adoption.

Cackle's approach: whitelist APIs, not just versions

Cackle works by defining API classes in a cackle.toml alongside Cargo.toml. You declare which crates are allowed to use "net", "fs", "process", or unsafe. Run cargo acl and it inspects the actual code references in your entire dependency tree. An example API definition:

include = exclude =
Then whitelist a specific package:


When a crate suddenly starts using std::net where it never did before, Cackle flags it as a problem. You see the change immediately, not after a breach.
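As an added illustration (not the configuration from Lattimore's post or from the Cackle project), a cackle.toml fragment showing API classes and per-package allowlists for the foobar scenario above. The crate names http-client-example and config-loader-example are hypothetical, and the [api.*] / [pkg.*] table names and the allow_apis and allow_unsafe keys are assumed from cargo-acl's configuration format, since this page shows only include and exclude.

```toml
# cackle.toml fragment (constructed illustration; lives next to Cargo.toml)

# An API class: a reference to any path under `include` counts as use of
# the "net" API.
[api.net]
include = [
    "std::net",
]

[api.fs]
include = [
    "std::fs",
]

# `exclude` carves paths out of a class. Exiting the current process does
# not spawn anything, so it is not counted as "process" use here.
[api.process]
include = [
    "std::process",
]
exclude = [
    "std::process::exit",
]

# Hypothetical crate that legitimately opens network connections.
[pkg.http-client-example]
allow_apis = [
    "net",
]

# Hypothetical crate that reads files and contains unsafe code.
[pkg.config-loader-example]
allow_apis = [
    "fs",
]
allow_unsafe = true

# `foobar` has no entry granting "net". An update that starts calling
# std::net::TcpStream::connect is therefore reported by `cargo acl` as a
# disallowed API use, and the grant has to be added here explicitly,
# where it shows up in code review.
```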

Installing and bootstrapping

Cackle currently supports Linux only. Install with cargo install --locked cargo-acl. It ships with a terminal UI that helps you generate an initial config by walking through your crate tree and marking which API calls are expected.

The tool complements existing practices like cargo-vet, cargo-crev, and manual code review. It doesn't replace them - it catches the class of attack where a trusted crate turns malicious after passing initial review. For a project with hundreds of transitive dependencies, Cackle turns an implicit trust relationship into an explicit, auditable one. Apply it before cargo update becomes a liability.


Source: Making Rust supply chain attacks harder with Cackle (2023)
Domain: davidlattimore.github.io
