Separately, yesterday the US National Security Agency published guidance on protecting against memory safety issues.
Announcement
Collapse
No announcement yet.
Rust Developers Move Ahead With Preparing To Upstream More Code Into The Linux Kernel
Collapse
X
-
Originally posted by uid313 View Post
Ruby is a terrible language for security despite being memory safe, not because of the terrible syntax, but because it is dynamically interpreted so it has poor handling of data types and null values.
wrt to nil (not null, Ruby doesn't have null) although there are problems with it, they still at least have syntax helpers to help deal with the problem, i.e. https://stackoverflow.com/questions/...uby-on-rails-2
- Likes 1
Comment
-
Originally posted by uid313 View PostNSA suggesting Ruby is quite scary!
I never liked Ruby, eww.
I like Rust but would much prefer that the syntax used a single dot instead of this noisy double colon syntax.
Also I find the module system confusing, I have to create a file with the same name as the directory to export files inside the directory.
- Likes 1
Comment
-
Modern C++ compilers has ASAN. I dont know if that would make it "memory safe" but its pretty much similar to rust that it can be turned off and on. Again the issue is not with c++ its with the implementations and tooling. Rust syntax cringes me out but also its centralized tooling and lack of standards are scary as well. You can see why big corp are pushing out.Last edited by cj.wijtmans; 11 November 2022, 08:40 PM.
- Likes 2
Comment
-
Originally posted by Volta View Post
How about protecting users from Platform Security Processor and Management Engine?Last edited by cj.wijtmans; 11 November 2022, 08:44 PM.
- Likes 3
Comment
-
Originally posted by cj.wijtmans View PostModern C++ compilers has ASAN. I dont know if that would make it "memory safe" but its pretty much similar to rust that it can be turned off and on. Again the issue is not with c++ its with the implementations and tooling. Rust syntax cringes me out but also its centralized tooling and lack of standards are scary as well. You can see why big corp are pushing out.
It's just that you can add unsafe blocks to call unsafe function and dereference pointers.
Unsafe can be easily spotted in interviews and then reviewed carefully, while everything else is guaranteed to be memory safe.
The development of Rust happens entirely on github in a transparent manner, unlike C/C++ which happens in the committee and requires you to pay some money just to download some RFCs or join in the committee.
If eanything, you should be more scary of C/C++, because their language spec are completely in control of the big corp and the committee itself is not transparent.
And C/C++ also get pushed by the big corp initially, so I don't see any problem with that.
- Likes 5
Comment
-
Originally posted by cj.wijtmans View Postthe issue is not with c++ its with the implementations and tooling.
- Likes 5
Comment
-
Originally posted by cj.wijtmans View PostNSA dont make me laugh.Last edited by CommunityMember; 12 November 2022, 01:17 AM.
- Likes 10
Comment
-
I do not like the ideology of accepting something that enjoys deprecating technology in secret or in a subdued manor.
Think this will really slow down the kernel. So far, I have not seen much use for rust or ruby, or any of the newer languages, except for maybe go programming language.
- Likes 1
Comment
Comment