Re: The Case for Rust (in any system)

From: George Mitchell <george+freebsd_at_m5p.com>
Date: Thu, 05 Sep 2024 19:49:34 UTC

On 9/5/24 14:09, Alan Somers wrote:
> By now I expect that most of you have seen the long list of new
> security advisories that just came out.  Strikingly, all were the
> result of memory handling errors.  And none of them wouldn't have
> happened if their respective programs had been written in a
> memory-safe language.

s/wouldn't/would/ ?

> 
> In fact, of all the C bug fixes that I've been involved with (as
> either author or reviewer) since May, about three quarters could've
> been avoided just by using a better language.
> 
An attractive proposition -- if we could only get universal consensus
on "a better language."

> The real takeaway here is that C is no longer sufficient for writing
> high quality code in the 2020s.  [...]
> To summarize, here's the list of this week's security advisories, and
> also some other recent C bug fixes of my own involvement:
> 
> [... an alarmingly long list of regrettable lapses ...]

You've actually got me thinking seriously about this.  Thank you!
I don't yet know enough about Rust to assess whether it's the panacea
a lot of people believe it to be.  I kind of doubt it given the qualms
that have been expressed.

But for the first time in six years of retirement from a fifty-year
career in writing programs, and nothing else, you have caught my
interest in the possibility of fighting these stupid errors we have
all made.  Plenty of times, even in my own case!            -- George