undefined | Better HN

0 pointsncmncm6y ago0 comments

This is the classic False Dichotomy.

Rust programs have bugs. Rust programs have security bugs. Are they mediated by memory usage bugs? Probably not, unless the program has unsafe blocks, or uses libraries with unsafe blocks, or libraries that use libraries that have unsafe blocks, or call out to C libraries. Or tickle a compiler bug.

Can it leak my credentials to a network socket as a consequence of any of those bugs, memory or otherwise?

Putting your memory errors in unsafe blocks may make them invisible to you, but that does not make them go away.

So, yes, of course it can.

0 comments

lmm6y ago

> Can it leak my credentials to a network socket as a consequence of any of those bugs, memory or otherwise?

Sure, that class of bugs still exists. But they're rarer and less damaging (even with stolen credentials, an attacker can't do as much damage as one who had arbitrary code execution).

Rust eliminates many classes of bugs. C++ does not: the fact that theoretically there could be non-buggy C++ libraries doesn't help you out in practice, because there's no way to distinguish those libraries from the very many buggy C++ libraries.

> Putting your memory errors in unsafe blocks may make them invisible to you, but that does not make them go away.

It's just the opposite: it makes the risk very visible, so in Rust you can choose to avoid libraries with unsafe. Whereas in C++ any library you might choose is likely to have memory safety bugs and therefore arbitrary code execution vulnerabilities.

pjmlp6y ago

Kind of true, AFAIK Rust binary libraries don't expose safety information, like it happens in ClearPath or .NET Assemblies.

Still too many libraries make use of unsafe when they could be fully written in safe Rust.

j / k navigate · click thread line to collapse