1. 10

  2. 5

    The ANSSI authored that document. That’s the National Cybersecurity Agency of France (fr: Agence nationale de la sécurité des systèmes d’information) and they publish a lot of valuable (and not so trivial) guides to help programmers and administrators secure their servers and applications.

    As Rust is a very security-centric language, it’s great to see such a guide from them!

    1. 1

      LIBS-UNSAFE is not described even though it’s one of the most important…

      1. 1

        An interesting list though I’m not sure I agree with not using panic. It should absolutely be used judiciously but I’m a fan of using it in “impossible state” situations. Failing fast in a known bad state is a really handy tool for ensuring your test coverage and app’s internal models are consistent.

        I mostly bring that opinion from years of OS development. When I worked on Windows, it was common for OS API’s not to check for null and to fail immediately on bad pointers. It was really helpful for tracking down bad code because you got a relatively useful stack.