Re: The Case for Rust (in any system)

From: Kyle Evans <kevans_at_FreeBSD.org>
Date: Mon, 09 Sep 2024 21:11:40 UTC
On 9/5/24 13:09, Alan Somers wrote:
> By now I expect that most of you have seen the long list of new
> security advisories that just came out.  Strikingly, all were the
> result of memory handling errors.  And none of them wouldn't have
> happened if their respective programs had been written in a
> memory-safe language.
> 
> In fact, of all the C bug fixes that I've been involved with (as
> either author or reviewer) since May, about three quarters could've
> been avoided just by using a better language.
> 
> The real takeaway here is that C is no longer sufficient for writing
> high quality code in the 2020s.  Everyone needs to adapt their tools.
> Programmers who don't will increasingly come to resemble experimental
> archaeologists, i.e. people who learn flintknapping to "keep the
> knowledge alive".  Such people are valuable, but definitely niche.  I
> for one don't want my career to go in that trajectory.
> 
> To summarize, here's the list of this week's security advisories, and
> also some other recent C bug fixes of my own involvement:
 > [... snip ...]

If even half of the energy that has gone into these threads would've 
been spent on a proof-of-concept rust-xtoolchain implementation with 
some motivating cases instead, we'd be in a lot better place to actually 
have these conversations.

Thanks,

Kyle Evans