Hacker News new | past | comments | ask | show | jobs | submit login

"A car with seatbelts can still crash, so why bother driving a car that has seatbelts?"

The class of error in the article is impossible in Rust unless you explicitly choose to use unsafe.




>why bother driving a car that has seatbelts

The implication openssh has no seatbelts is very wrong.

OpenSSH's internal architecture was engineered for robustness, and has privilege separation and sandboxing.


And yet TFA is about yet another vulnerability caused by something that Rust is immune to.


Yet the total number of vulnerabilities is smaller than other Rust-implemented programs, because security fundamentally comes down to the engineer, not how many seatbelts there are.




Consider applying for YC's W25 batch! Applications are open till Nov 12.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: