lcamtuf (@lcamtuf@infosec.exchange)
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
https://seclists.org/oss-sec/2026/q2/332
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.


It’s not, and it’s especially not to use resulting software. 90% of software I have problems with, let it be compilation errors or missing features due to bad libraries, is Rust.
The anti-Rust circlejerk is strong, wow.
I have loads of software written in Rust installed, many of which I compile myself. Not once has the language choice been an issue that I’ve had with the software. Some of that software may be missing features, but that has little to do with the language and more to do with my decision to install v0.1.4 of the software.
Python, on the other hand…
And while we’re on the topic of coreutils, why does every C and C++ project I look at require me to install dozens of random libraries myself? I guess because they’re dynamically linked, which is cool and all, except the page to install each dependency has an encyclopedia of a README written in 1984 in a text file. It’s not usually an issue, just annoying.