I think that the developer is being more interested in using rust is a very good way to pass the torch to new developers. There have been many changes since c, and I think that rewriting some of these historic utilities in a more modern language is a very Noble and useful effort.
Agreed. I think this is a much better argument than the security argument. Not that the security argument is entirely false but… I’ve always thought it was a little silly. Really, ls needs to be memory-safe badly enough that you’re going to spend time rewriting it instead of, say, libpng?
Yep, and this is why iniatives focused on security, such as the ISRG’s Prossimo project, are not pouring resources into uutils but instead into Rust replacements for things like OpenSSL, sudo or zlib.
Uutils is nifty nonetheless, but I think of it primarily as an educational/fun endeavor, not a security one. Everyone knows coreutils so it’s a good place to cut your teeth with Rust.
I’m not sure if I’ve ever seen the uutils folks talk much about security. I’ve seen a lot of arguments about it in comment sections, but I haven’t seen the project itself argue the security angle.
The blog post talks about it a decent amount - 5 times, according to Ctrl-F. BUT, one of those times is an FAQ entry I missed the first read-through saying they don’t find security a compelling argument. So, 🤷
I think that the developer is being more interested in using rust is a very good way to pass the torch to new developers. There have been many changes since c, and I think that rewriting some of these historic utilities in a more modern language is a very Noble and useful effort.
Agreed. I think this is a much better argument than the security argument. Not that the security argument is entirely false but… I’ve always thought it was a little silly. Really,
lsneeds to be memory-safe badly enough that you’re going to spend time rewriting it instead of, say, libpng?Yep, and this is why iniatives focused on security, such as the ISRG’s Prossimo project, are not pouring resources into uutils but instead into Rust replacements for things like OpenSSL, sudo or zlib.
Uutils is nifty nonetheless, but I think of it primarily as an educational/fun endeavor, not a security one. Everyone knows coreutils so it’s a good place to cut your teeth with Rust.
I’m not sure if I’ve ever seen the uutils folks talk much about security. I’ve seen a lot of arguments about it in comment sections, but I haven’t seen the project itself argue the security angle.
The blog post talks about it a decent amount - 5 times, according to Ctrl-F. BUT, one of those times is an FAQ entry I missed the first read-through saying they don’t find security a compelling argument. So, 🤷