Dumb stuff in Rust has to be explicitly marked with unsafe. Meaning if you review the code you have to focus on only a couple of lines instead of the whole project.
You can of course still write lots of other bugs in Rust, but C-style buffer overflows are impossible in Rust, which eliminates the majority of security issues.
deleted by creator
But it’s harder and easier to spot.
You’ll never be 100% safe, but a proper lock is better than a “plz no steal” note.
Yes, it was just discovered on this year’s POPL that rust’s type system is not sound with respect to deadlock freedom.
https://dl.acm.org/doi/abs/10.1145/3571229
(of course this is not arguing that everyone should stay on C or CPP, just confirming the point that rust will allow stupid things.
Dumb stuff in Rust has to be explicitly marked with
unsafe
. Meaning if you review the code you have to focus on only a couple of lines instead of the whole project.You can of course still write lots of other bugs in Rust, but C-style buffer overflows are impossible in Rust, which eliminates the majority of security issues.