Originally posted by brad0
View Post
Announcement
Collapse
No announcement yet.
Rust-Written Replacement To GNU Coreutils Progressing, Some Binaries Now Faster
Collapse
X
-
- Likes 1
-
Hmmm - I think it's a good idea.
I was for years a kernel/OS developer for a BSD variant with a lot of security features. The C language 'was" really the only choice for the kernel, but when qualifying apps it was very clear that the C language gives developers enough rope to hang themselves. It's easy to find app code (and sometimes kernel) that would allow a devious user to cause the app to walk off the end of an array, or pollute the stack, or corrupt a pointer, manipulate a file in unexpected ways. There have been several serious Linux kernel bugs over the years based on that, too. I've been using Haskell for a few years, and recently started learning Rust, and these languages prevent so many side-effects by their very design, that it's much easier to avoid creating security holes.
coreutils vs uutils / I don't think this was the most 'target dense' package of apps if security improvement is the issue. coreutils consists of a lot of small, generally simple, programs that have need around since dinosaurs ruled. They have been stared-at and honed many times. There are still likely some security holes in there , and these are so widely used that the cost of a vulnerability could be very high. Then there is the problem of creating new apps with identical options and features - hard work. IMO re-writing 'bash' in Rust would be a herculean effort, but would be likely to close a lot more security holes. There is a lot of weird stuff in bash.
GPL vs MIT ? That's more a political divide. One useful feature of GPL is that it doesn't allow anyone to "embrace, extend, and exterminate". IMO unlikely to be an issue for coreutils, where a main value is inter-compatibility. A main disadvantage of GPL is that it virtually prevents market funding of consumer-level SW; prevents a lot of entrepreneurial efforts. The reason why something like "TaxAct" has never existed under GPL is that it costs money to develop, the value to consumer per copy is modest <$50) and you'd sell about one copy before everyone had it. So many such projects end up begging for a paypal tips, like a hobo with a cup in hand. Dual license might have been the better choice here to keep the zealots and purists in their seats.
Yes it would be great to have a more secure, hopefully better-written version of most any common software.
- Likes 1
Comment
-
Originally posted by RhrUiUBMDJuh View Postbla bla bla ...
If people like you had your way, medicine would still consist of bloodletting and believe me, bloodletting cost more lives than it saved.
C gets used by so many including uneducated people that mistakes are unavoidable. Rust gets used right now mostly by people who could likely write secure code in many languages, meaning, they are skilled. They choose Rust out of political reasons, but not because of an actual need for it. Anyone who can explain why Rust would be better than C cannot simultaneously claim not to be able to write secure code. And most people who write here in favour of Rust belong to this category of people. Rust will never reach the level of accessibility of C. Java, JavaScript, PHP, Python, and even Lua have found their niches because these make certain areas more accessible. Rust does not make anything more accessible, it makes it at best more complicated, and as long as there are more accessible languages will users pick those before they pick Rust. You want to make comparisons to medicine?! Rust is DOA - Dead On Arrival. There is a term from medicine for you.Last edited by sdack; 03 February 2022, 12:56 PM.
Comment
-
Originally posted by sdack View PostGod, what a whiner you are. "if people like you had your way" Just no... All you are showing us is how much you base your argument on your belief rather than on experience. You still just blame the tool for the mistakes of the users. Nor can you think for yourself.
C gets used by so many including uneducated people that mistakes are unavoidable. Rust gets used right now mostly by people who could likely write secure code in many languages, meaning, they are skilled. They choose Rust out of political reasons, but not because of an actual need for it. Anyone who can explain why Rust would be better than C cannot simultaneously claim not to be able to write secure code. And most people who write here in favour of Rust belong to this category of people. Rust will never reach the level of accessibility of C. Java, JavaScript, PHP, Python, and even Lua have found their niches because these make certain areas more accessible. Rust does not make anything more accessible, it makes it at best more complicated, and as long as there are more accessible languages will users pick those before they pick Rust. You want to make comparisons to medicine?! Rust is DOA - Dead On Arrival. There is a term from medicine for you.
That was easy.
- Likes 2
Comment
-
Originally posted by wswartzendruber View PostSafe (default) Rust is superior for stability because it prohibits direct memory access.Last edited by sdack; 03 February 2022, 05:35 PM.
Comment
-
Originally posted by wswartzendruber View PostInteresting. You fundamentally do not understand C. Nor do you understand Rust.Last edited by sdack; 05 February 2022, 04:30 AM.
Comment
-
Originally posted by sdack View PostGod, what a whiner you are. "if people like you had your way" Just no... All you are showing us is how much you base your argument on your belief rather than on experience. You still just blame the tool for the mistakes of the users. Nor can you think for yourself.
C gets used by so many including uneducated people that mistakes are unavoidable. Rust gets used right now mostly by people who could likely write secure code in many languages, meaning, they are skilled. They choose Rust out of political reasons, but not because of an actual need for it. Anyone who can explain why Rust would be better than C cannot simultaneously claim not to be able to write secure code. And most people who write here in favour of Rust belong to this category of people. Rust will never reach the level of accessibility of C. Java, JavaScript, PHP, Python, and even Lua have found their niches because these make certain areas more accessible. Rust does not make anything more accessible, it makes it at best more complicated, and as long as there are more accessible languages will users pick those before they pick Rust. You want to make comparisons to medicine?! Rust is DOA - Dead On Arrival. There is a term from medicine for you.
- Likes 1
Comment
-
Originally posted by wswartzendruber View PostThey could absolutely ship a GPL program by itself. But they don't get to ship a GPL program as a part of a proprietary suite.
This is precisely why Apple doesn't ship BASH with macOS and they use KSH instead.
Just because you would LIKE for it to be otherwise (forcing microsoft to either go completely GPL or stay away entirely) doesn't change the legality of the situation.
- Likes 2
Comment
Comment