lcamtuf :verified: :verified: :verified: (@lcamtuf@infosec.exchange)
The coreutils Rust rewrite story is pretty funny.
Coreutils are tools like rm, mv, mkdir, etc. Unlike binutils, this isn't a fertile ground for memory safety bugs. But, the rewrite was completed, and in the spirit of progress, Canonical decided to switch.
But do you know what coreutils are a fertile ground for? Race conditions around file creation, deletion, permission setting, and so on. The original code accounted for decades of hard-learned lessons in that space. The Rust rewrite did not:
https://seclists.org/oss-sec/2026/q2/332
PS. I'm not dunking on Rust. It's just that... starting over from scratch has its hidden costs.


Because they have to work 100% like the original tools otherwise. I will not write compatibility checks for the -rs set in my scripts and likely nobody else will either. Even POSIX compatibility is often already expected too much.
Why do they have to work 100% like the original tools? Why can’t it overlap and add more? Why can’t it remove features that are confusing or a security liability?
Would you eat a brown Pizza? It’s still a Pizza. An Alpenpizza.