lcamtuf :verified: :verified: :verified: (@lcamtuf@infosec.exchange)
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
https://seclists.org/oss-sec/2026/q2/332
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.


Why rename them? This exactly gives people the opportunity to contribute stuff to standard tooling without having to go through a mailing list and with a much better developer experience.
Yes, it’s on Microslop Github, but I have hope they’ll see the light and move away from that AI riddled big tech platform. At the latest when forgejo or another forge implements federation.
Because they have to work 100% like the original tools otherwise. I will not write compatibility checks for the -rs set in my scripts and likely nobody else will either. Even POSIX compatibility is often already expected too much.
Why do they have to work 100% like the original tools? Why can’t it overlap and add more? Why can’t it remove features that are confusing or a security liability?
Would you eat a brown Pizza? It’s still a Pizza. An Alpenpizza.