Most loved programming language Rust sparks privacy concerns
Rust developers have repeatedly raised concerned about an unaddressed privacy issue over the last few years. [...] However, for the longest time developers have been bothered by their production builds leaking potentially sensitive debug information.
In early 2017, a Rust developer filed an issue on the Rust lang's GitHub asking, "How can I stop rustc [from] including system specific information such as absolute file paths of the source it's compiled from in the binaries it generates? [...] These absolute path names revealed the developer's system username and the overall structure of directories, including the home directory."
[...] On a first glance, this "leak" of usernames and absolute paths may seem trivial to a reader. However, over years, many more developers were left surprised to notice such information being included not just in debug builds but their production Rust builds as well [1, 2, 3, 4, ...] and pushed for a change.
[...] Interestingly, despite being a privacy risk, the inadvertent inclusion of metadata such as absolute paths may aid computer forensics experts and the law enforcement as the path could reveal system usernames. Of course, any developer who is aware of this issue can trivially build their Rust applications inside of a container, and use a pseudonymous username to minimize impact from the issue.
To understand if Rust considered this a vulnerability or planned on a bug fix, BleepingComputer reached out to the Rust core team for comment.
"We agree that this is a bug worth fixing and will be supporting our teams in solving it," Manish Goregaokar of the Rust team and a senior software engineer at Google told BleepingComputer.
Although at this time, it is not known how or when the Rust team plans on resolving this issue, the increased pressure from the developer community seems to be steering Rust maintainers into an actionable direction.
(Score: 5, Insightful) by Anonymous Coward on Wednesday April 07 2021, @12:26PM (18 children)
Seriously?
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @01:15PM (1 child)
I might begin to start loving Rust if I can get modules compiled on different versions to link together. Such was the last attempt I made 2 years ago.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @02:00PM
I tried the AUR git packages for about a month in 2015 and never completed a full toolchain compile. Cargo with broken OpenSSL bindings should not be a requirement at that stage of development. Waiting for nightly checkout and imminent failure let me read up on what the language was really about - bunch of CoCsuckers pushing their safe-space culture. I hate it!
(Score: 2) by HiThere on Wednesday April 07 2021, @02:09PM (4 children)
Judging by comments, yes. I don't like it, but many others appear to...well, like is too weak a word.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 3, Insightful) by Anonymous Coward on Wednesday April 07 2021, @02:17PM (1 child)
Corporate employees these days are required to love anything they are ordered to, aren't they?
(Score: 3, Informative) by DannyB on Wednesday April 07 2021, @03:29PM
Giving the external appearance of loving it is considered sufficient.
People today are educated enough to repeat what they are taught but not to question what they are taught.
(Score: 1) by The Mighty Buzzard on Thursday April 08 2021, @02:03AM (1 child)
I like some things about it, others I could live without. The language itself is quite enjoyable to code in. I can't stand the fucking libraries though, it's like they're all coded by teenagers who insist on using whatever shiny and new library they just heard about in their project (whether it benefits the project in any way or just enormous bloat for trendy points) and on putting political ideology above the code.
My rights don't end where your fear begins.
(Score: 2) by Subsentient on Thursday April 08 2021, @12:20PM
Fucking this.
Rust is actually fairly decent as a language, but the community is cancerous and toxic beyond words. The sooner GCC gets a Rust frontend and we can rip control of the language out of their fat, stubby, feta cheese scented hands, the better.
I learned Rust partly so I wouldn't have to worry about it in the future. In truth, it's only resulted in more worry, because now I see some of the issues in Rust and I'm scared that C++ will be "banished" to the point I have to put up with their shit.
"It is no measure of health to be well adjusted to a profoundly sick society." -Jiddu Krishnamurti
(Score: 5, Interesting) by turgid on Wednesday April 07 2021, @03:00PM (9 children)
Unfortunately, many people in the embedded world are starting to drink the Rust Kool Aide and it looks like it's about to achieve critical mass. That means we're going to have to learn it whether we like it or not.
To be fair, it is quite an improvement on C++ in some respects, but then again that wouldn't be difficult.
From what I've seen of Rust so far, it's a language designed by people who don't believe in unit tests. Like C++, it looks like it requires a very complex compiler which implies slow compiles, missing features and bugs. I can't help thinking they looked at C++ and asked themselves how they could make something even bigger.
Would anyone with any Rust experience like to elaborate?
I refuse to engage in a battle of wits with an unarmed opponent [wikipedia.org].
(Score: 3, Informative) by bart9h on Wednesday April 07 2021, @04:41PM
For what I superficially looked at Rust (tried to create a program with it), I agree with most of what you said, but Rust certainly is not even close to the size of C++.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @06:30PM (4 children)
companies and governments will require a mem safe lang/programs soonish.
(Score: 2, Insightful) by Anonymous Coward on Wednesday April 07 2021, @09:25PM (3 children)
Aren't they all using Java (at best), for couple decades already? And C#, and Node.js.
Not that it helps them any.
(Score: 3, Insightful) by DannyB on Wednesday April 07 2021, @09:30PM (2 children)
Answer: Yes
It helps them some.
But many SN readers do not even realize that Java has been the top #1 or #2 language for over 15 years. They think of it as some obscure language nobody uses.
It is not difficult to program Java if you adjust your level of sanity accordingly.
People today are educated enough to repeat what they are taught but not to question what they are taught.
(Score: 3, Funny) by Azuma Hazuki on Friday April 09 2021, @09:38AM (1 child)
That's non-trivial in Java though. You need a SanityFactory, and for *that* you need a SanityFactoryFactory. Bloat. Bloat, I say! Real coders stare directly into the abyss and create strings as char *arrays! I/O I/O, C-thulhu kh'rash'n!
I am "that girl" your mother warned you about...
(Score: 3, Funny) by DannyB on Friday April 09 2021, @03:09PM
There is a time and place where staring into the abyss and coding for every single byte and cpu cycle is absolutely required.
For everything else there's mastercard.
People today are educated enough to repeat what they are taught but not to question what they are taught.
(Score: 3, Interesting) by wirelessduck on Thursday April 08 2021, @01:00AM
Are you sure? I have never used Rust, but a quick search of the Rust docs suggests otherwise.
https://doc.rust-lang.org/rust-by-example/testing.html [rust-lang.org]
https://doc.rust-lang.org/book/ch11-00-testing.html [rust-lang.org]
Perhaps this is a relatively recent addition to the language?
(Score: 2, Interesting) by The Mighty Buzzard on Thursday April 08 2021, @02:08AM (1 child)
MrPlow, my IRC bot that does a lot of SN submissions, is written it Rust. It's not bad on compile times for small projects but if you use other people's libraries, you'd better expect times to increase quite a lot and to have an enormous binary at the end. What new thing is hip and trendy is more important to too many library coders than having tight, efficient code.
My rights don't end where your fear begins.
(Score: 3, Insightful) by Azuma Hazuki on Friday April 09 2021, @10:06AM
Sounds like what Rust needs is something akin to the standard C++ libraries. Think that will ever happen? A standard, well-coded, tight set of libraries for basic functions I mean.
I am "that girl" your mother warned you about...
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @03:14PM
https://www.phoronix.com/scan.php?page=news_item&px=Rust-For-Android-OS-System-Work [phoronix.com]
(Score: 3, Funny) by Mojibake Tengu on Wednesday April 07 2021, @12:49PM (11 children)
Computer memory is Monad. Pointers are Arrows. NULL is Zero Ring algebra.
Rust is a language created by people who can't code made for people who don't understand computer memory.
The rest is a tragicomedy. Or, maybe a design stalking as planned by agencies who infiltrated FOSS.
Workaround: never put any software project to /home. Any browser or KDE online desktop weather gadget could tamper with that.
I keep a separate devel zpool for serious projects and separate users for each.
su is your friend. sudo is not.
Respect Authorities. Know your social status. Woke responsibly.
(Score: 4, Insightful) by Anonymous Coward on Wednesday April 07 2021, @12:57PM (10 children)
It's the same with all these modern, toy languages. Utter garbage. These idiots come out of college with little skills, and I have to work with them. I once had a young guy have a melt down because he actually had to write code because "what do you mean there isn't a library for that?!" I said, "welcome to software engineering."
(Score: 1) by The Mighty Buzzard on Wednesday April 07 2021, @01:12PM (1 child)
And knowing you have to work with idjits like that, don't you want something that will keep you from choking them every time they commit some code?
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @05:19PM
No one wants to hear your coding kinks ;-)
(Score: 4, Interesting) by HiThere on Wednesday April 07 2021, @02:15PM (7 children)
Sorry, but libraries are important. Yes, you could write your own hash table, I've done so. It's a bad idea. It adds immensely to the amount of time it takes to do the project. Even when using Fortran IV I used libraries frequently.
ALL the basic things should be handled by libraries. I was astounded when Algol didn't include any I/O statements, depending instead on libraries, but in just a few years I realized that was a reasonable decision, and today I feel it was the best available decision. This doesn't mean you shouldn't have standard libraries, of course. Algol didn't have that, but C did/does.
Javascript is what you use to allow unknown third parties to run software you have no idea about on your computer.
(Score: 2, Insightful) by Anonymous Coward on Wednesday April 07 2021, @02:21PM (1 child)
Some libraries MIShandle the thing they work at to the point that it's faster and easier to rewrite the part you need, than to reliably wrestle the library into submission.
(Score: 2) by istartedi on Thursday April 08 2021, @12:53AM
That's when you start calling it a "framework".
Appended to the end of comments you post. Max: 120 chars.
(Score: 5, Interesting) by Socrastotle on Wednesday April 07 2021, @03:42PM (4 children)
There's two opposite extremes here. I suspect he was not advocating for languages not having a basic IO library, but simply that some people become extremely library addicted where anytime they have any non-trivial task whatsoever they begin to try to find a library to do it. And so you end up with projects that have a gazillion dependencies tied together with duct tape and string, where when anything updates (or bugs out, or fixes a bug our library fan assumed was normal operating behavior), the entire system breaks. And then you get reports from some audit agency that 90% of bugs come from third party dependencies.
I find guys that have backgrounds in web domains are disproportionately made up of these types. Nightmare to work with because their entire style is optimized around hitting metrics that people who have no clue about code would think are good (buzzwords + speed) whereas people who are more aware of what's going on freak out under the realization that their submitted component is a ticking timebomb of the sort that your release product ends up with a half dozen patches on day 0.
(Score: 3, Insightful) by DannyB on Wednesday April 07 2021, @09:39PM (3 children)
Nothing is wrong with looking for a library.
I've been doing this job for almost 40 years. I can build anything I need from the machine code up to the application software. If there is some new technique or algorithm that I don't know, I certainly know how to find it and learn it.
If someone else has already solved a problem that I am facing, and made a nice library, then there is nothing wrong with using it. Especially if it is open source, maintained and has some community. Even if it is merely open source and unmaintained, I might use if if it looks like I could maintain anything that might need work in the future. Especially if it works today and I saved time by not reinventing it.
For most lower level, infrastructure, technology level things, most programmers aren't facing any new problems, most of the time.
This is true for many languages to one degree or other, but . . . in the Java world the sheer vastness and scope of libraries available is an embarrassment of riches.
One would be crazy not to take advantage of this.
People today are educated enough to repeat what they are taught but not to question what they are taught.
(Score: 2) by hopdevil on Thursday April 08 2021, @01:55AM (2 children)
Do the people that maintained the code after you have the same attention to those 3rd party libraries? Do you really trust the people that wrote that code or those take over the project from them?
This is how you get fucked by security issues, just sayin'
(Score: 3, Insightful) by DannyB on Thursday April 08 2021, @04:10PM (1 child)
Most libraries I use are developed by foundations with sponsors, or by communities that maintain things in an open and transparent way. These libraries tend to be widely used and by corporations that can afford to contribute.
Some libraries are relatively simple, need little maintenance. Being widely used still implies the "many eyes" thing. One library I started using over ten years ago started to become obscure. Another company which uses it in a major product (Jira) now maintains it. So I was pleasantly surprised.
As for trust, I don't give that easily. But I would point out that the libraries I used are often developed by people in other corporations making large commercial software products. So, in other words, peers.
I hear what you say about security issues. I pay attention to that. I look for updates, and why updates happen. But this is the typical over-engineered Java boring corporate world, vs the wild west of ${some-other-ecosystems}.
Your points are well made.
People today are educated enough to repeat what they are taught but not to question what they are taught.
(Score: 2) by hopdevil on Thursday April 08 2021, @04:33PM
I'm glad you clarified, respect++
(Score: 3, Interesting) by bzipitidoo on Wednesday April 07 2021, @12:53PM (19 children)
One bit of security theater I find ridiculous is this insistence that usernames or user IDs should be hidden. Even should be treated like they are passwords. I've encountered a few login pages that blot out with asterisks the username as it is typed in.
If the user is bothered by it, just choose a username that isn't their real name or otherwise identifies them. Personally, I use the username 'u'. Even that I have had a little trouble with. Several years ago when I last tried it, the OpenSUSE didn't like 1 character usernames. Their installer refused to accept it unless it is at least 2 characters. But you could go in later, after installation, and create another account with a 1 character username.
Still other systems insist on scraping the username, to "personalize" the computer, and use that tidbit of info for autofill and such like stuff. It's another reason why I like a 1 character username. Nice also for ssh and scp. Just make sure the password does not need the help of a long and sort of hidden username to be strong.
(Score: 2, Insightful) by Anonymous Coward on Wednesday April 07 2021, @01:03PM (16 children)
Oh look, here's yet another person who doesn't understand security. Having your user ID is one step in a chain that is needed to break into your system. Why make it easy for them? Are you really relying solely on a password to protect you?
(Score: 1) by The Mighty Buzzard on Wednesday April 07 2021, @01:10PM (3 children)
I think you mean private key not password. Guess on mine as long as you like. You'll be long dead before you manage.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @04:08PM (2 children)
I bet it is the same as the combo on my luggage!
(Score: 1) by The Mighty Buzzard on Thursday April 08 2021, @02:10AM (1 child)
That's a bad bet. You have to tell me your luggage combo to find out if you won.
My rights don't end where your fear begins.
(Score: 2) by Azuma Hazuki on Friday April 09 2021, @10:08AM
We all know it's 12345, because, well... :D
I am "that girl" your mother warned you about...
(Score: 5, Insightful) by bzipitidoo on Wednesday April 07 2021, @02:27PM (11 children)
I am not relying on a username to protect me. That's not what they're for. They are (or were) supposed to be public, so people could communicate with each other. You'd even have directories that list everyone's username. What do you think commands such as "who" are all about? I realize that's from the days when Unix system design had a degree of naivety towards security, when the only thing stopping "cat /etc/passwd" from listing all the users AND PASSWORDS IN PLAINTEXT was the read file permission bit being set to false, yet the point is still valid. Receiving communications is a lot lot harder if not impossible, if you are not publicly visible in some fashion.
What really shows a lack of understanding is the use of fake security to bolster badly used real security. Trying to stop spam by trying to hide your email address is very sort of thing I mean. Under any reasonable scenario, email addresses cannot be kept private. Sure, add "NOSPAM" to your username to throw off the brainless spambots, but don't expect diligent use of that technique to stop the flood. What is more effective is going after the worst spammers. I haven't seen a penis enlargement spam email in decades. Still occasionally get the Nigerian prince or government official who will give me a fortune if I will just help him move some money, which of course requires my bank account number, which banks have really botched, trying to have it both ways on security, telling customers to keep that number hidden, but requiring that it be spread all around with every transaction.
(Score: 3, Touché) by NateMich on Wednesday April 07 2021, @03:37PM
Just like phone numbers.
Just like phone books.
Remember Terminator where he hunted down people from the phone book? It's kind of like that.
(Score: 3, Insightful) by epitaxial on Wednesday April 07 2021, @04:01PM
Times change. Deal with it. Why do you think systems no longer let you know if a username is valid before requiring a password?
(Score: 3, Interesting) by Tork on Wednesday April 07 2021, @04:11PM (6 children)
Question: Why even make the Username and the Login name the same?
I'm seriously asking. Though I've done web development, web-security was never a niche of mine, and I find the discussion fascinating.
🏳️🌈 Proud Ally 🏳️🌈
(Score: 2, Interesting) by Anonymous Coward on Wednesday April 07 2021, @04:25PM (1 child)
Because then you just made the Login name a second password.
(Score: 3, Insightful) by Tork on Wednesday April 07 2021, @04:36PM
Why is that a problem? What disadvantage outweighs providing an extra avenue to defend against attacks? It's not like we aren't lengthening our password requirements every few years, breaking up our passwords into more human-relatable chunks is inevitable.
🏳️🌈 Proud Ally 🏳️🌈
(Score: 2) by bzipitidoo on Wednesday April 07 2021, @10:25PM (3 children)
I have looked into the history of this. Why has it become customary to ask for the username, then the password? Why not ask for the password first, then the username? Or, even better, ask only for a password? It seemed likely it was to allow for the situation in which 2 different users chose the same password. If your password is rejected because someone else is already using it, that's a big clue. Would allow simultaneous attacks against all user accounts. There are, however, ways to mitigate that problem. A password only login system could enforce uniqueness and strength of passwords by adding a few extra random characters to the user's choice.
The custom of querying for a username then a password goes all the way back to the first "proto-OS" for a computer to handle multiple users, the Compatible Time-Sharing System (CTSS) in the early 1960s. CTSS was the forerunner to Multics and UNIX.
(Score: 2) by Tork on Thursday April 08 2021, @12:22AM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 0) by Anonymous Coward on Thursday April 08 2021, @06:07AM (1 child)
What happens when two people have the same password? The username must be unique for each user so that the system can tell them apart, while the password needs to be secret and so can't guarantee uniqueness, otherwise changing your password to match someone else would reveal their password.
(Score: 2) by bzipitidoo on Thursday April 08 2021, @01:31PM
That's why a password only login system cannot let the user choose the entire password. Whenever a user sets a password, the system has to change the user chosen password a little bit, salt it, to insure there are no duplicates, and to strengthen them. Pick "1234" for the password, and the system might set it to "1234wXyZ".
(Score: 2) by hendrikboom on Wednesday April 07 2021, @09:22PM (1 child)
What days were that? Even in the 1970's, when I first used a Unix system, "caat /etc/passwd" would list the user names and encrypted passwords. And the encryption technique was a many-to-one function so there was not a feasible way to derive the password from the encrypted version.
And the read permission bit was set to allow reading so that anyone could check a password. But checking that password by encrypting it and comparing was a slow enough operation that straight guesswork was infeasible.
-- hendrik
(Score: 2) by bzipitidoo on Wednesday April 07 2021, @10:08PM
Security was uneven. Most real UNIX was pretty good, but the clones, not so much. In the late 1980s, I was given admin access to the university's Novell Network of MS-DOS based PCs, for a school assignment, to create a print server. DOS cloned a lot of Unix, but then as now, vendors skimped on the less visible items. That network had everyone's passwords in a password file, in plain text. I saw the passwords of every professor and every student who had reason to have an account. One professor was so cheeky about it, his password was nothing, 0 bytes long, just hit the Enter key.
It was a bit scary the vandalism I could have caused even inadvertently. The worst I did was cause a network wide starvation of resources with the first working version of my print server. When I tested it, all across the lab, people started commenting that their computers were no longer responding. I very quickly realized it had to be my print server that was doing it, and hit ctrl-c, which very fortunately got everything going again. I had programmed it to scan a specific directory for files, and if any were found, to send them to the printer and delete them. But I hadn't put any delay in between scans of the directory. Added a sleep() to the loop, and that fixed that problem.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @04:22PM (1 child)
So you're the reason I keep having to use username 'u2'!
(Score: 3, Funny) by Tork on Wednesday April 07 2021, @04:38PM
🏳️🌈 Proud Ally 🏳️🌈
(Score: 3, Touché) by The Mighty Buzzard on Wednesday April 07 2021, @01:05PM (4 children)
Okay, I like my privacy as much as the next libertarian type guy but my username and build path are not even slightly sensitive fucking information. Witness:
My build directory for everything but Rehash stuff on pretty much every box I code on: /home/bob/work/$projectName
No, my name's not actually Bob. A couple decades ago I couldn't think up a witty username for killing my coworkers in the after hours office LAN party, so I went with the most generic one I could think of instead. And it mildly amuses me to continue to do so for the same reason.
My rights don't end where your fear begins.
(Score: 2, Funny) by Anonymous Coward on Wednesday April 07 2021, @01:14PM (1 child)
Let me guess: you keep all the secret stuff under /home/alice/...
(Score: 4, Funny) by The Mighty Buzzard on Wednesday April 07 2021, @01:20PM
Of course not. It goes under ~mattress/
My rights don't end where your fear begins.
(Score: 1) by Ethanol-fueled on Wednesday April 07 2021, @08:49PM (1 child)
Bob is the main bad guy [blogspot.com] in the Twin Peaks series, he also killed people there. Nice backstory too, he was a real-life stage decorator when David Lynch saw him and thought he would make a good bad guy, the rest was history.
(Score: 1) by The Mighty Buzzard on Thursday April 08 2021, @02:15AM
It's more like this [youtube.com] for me. In fact I first watched this about a year or two after I started using "bob" whenever I didn't already have anything better in mind; cracked me smooth up when I saw that bit.
My rights don't end where your fear begins.
(Score: 2) by RamiK on Wednesday April 07 2021, @01:31PM
complaints are to be filed with your system admin.
compiling...
(Score: 5, Insightful) by Anonymous Coward on Wednesday April 07 2021, @01:39PM
When same thing compiled by same thing with same settings by different users is not bit-for-bit identical, it is FAIL.
(Score: 2, Disagree) by fadrian on Wednesday April 07 2021, @02:04PM (2 children)
If you need that much privacy, use C. I'm sure there'll be no issues with that because we're all awesome coders.
That is all.
(Score: 2, Insightful) by Anonymous Coward on Wednesday April 07 2021, @02:14PM
Like with systemd, the issue is with the organized force pushing a halfbaked... thing down everybodys throats.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @08:09PM
At least this explains why Google is pushing using Rust in Android...
(Score: 3, Insightful) by Anonymous Coward on Wednesday April 07 2021, @02:26PM
Yes, they can do this.
But, they should not have to, because rustc should never have included these paths into the binary in the first place.
(Score: 2) by Rich on Wednesday April 07 2021, @03:46PM (8 children)
GCC does that too, and GDB expects absolute paths to find the sources to debug. I've never seen that as security risk, but as annoyance when building on a workstation to an embedded target system. It probably can be bent somehow, but it was never that bad that I figured out how to. The pervasiveness of absolute paths also prevents the common Linux user from having nice application bundles like on the Mac. (There once was a distro that had such bundles, but even those could only ever be located in the application directory because of that)
I suppose the origin of all that is right at Stallman, who wanted to cancel all software that wouldn't conform exactly to his idea of freedom, which meant using his shitty build system to build from (movable) source into one final location. He saw it as a threat to his ideas if gcc output could be used in any further ways (he also vetoed a proposed ANSI-C backend for gcc that some people wanted to do).
As a sidenote, nothing against the Free Software movement, but maybe we should insist it being initiated by "Moglen/Stallman". As with "Mate/XOrg/GNU/Linux", never use "Stallman" alone, always use "Moglen/Stallman" for proper attribution, because Eben Moglen wrote the GPL in the first place :)
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @04:11PM (1 child)
GCC has supported project-root relative paths for many years because it makes the debug files portable between machines. LLVM, which Rust is built on, also supports this but Rust isn't even offering the option. The bigger issue is that Rust is including debug information in production builds, which is poor form.
(Score: 2) by Rich on Wednesday April 07 2021, @05:15PM
It was many years ago when I came across those troubles, and I guessed they have some options for this now. Yet it's still options that need juggling; way more difficult to handle than with last century's CodeWarrior, which would always have the right debug file. Rather than messing with gcc's build systems I prefer to run and debug the target code on the development machine linked to the hardware backend or a simulation thereof and only cross compile for deployment.
Also, by now, I don't think it is bad form to leave debug info in production builds. That's the only reasonable way to get usable feedback from those that manage to figure out ways of mishandling the software in ways neither you, nor even an army of testers would have ever thought of. Mac software usually crashes with a full stack crawl in the "Crash Reporter" window, getting it fixed is technically just copypasting this info into an e-mail away. Good thing, IMO.
(Score: 2) by pe1rxq on Wednesday April 07 2021, @04:13PM
But gcc has command line options to change the prefix to whatever you want.
If you want a deterministic and privacy friendly build, gcc will do it.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @05:11PM (4 children)
(Looking into a stripped binary just compiled from C source) NO it does NOT.
Did you miss the "such information being included not just in debug builds but their production Rust builds as well" in TFA, or what?
(Score: 2) by Rich on Wednesday April 07 2021, @05:33PM (3 children)
Well, if it's stripped, it's stripped, inni? Which brings us to the question whether strip would work on rust compiled ELFs?!
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @09:29PM (1 child)
Those who reported the problem, state that the paths are compiled in.
(Score: 0) by Anonymous Coward on Thursday April 08 2021, @06:13AM
That's probably exactly what is happening: The offending paths are in compiler generated exception error messages. That should be handled through the standard methods for reporting tracebacks, but it seems that Rust doesn't follow those standards.
(Score: 1) by The Mighty Buzzard on Thursday April 08 2021, @02:20AM
Works quite a lot, yes. A quick check with /usr/bin/strings says it most certainly does not remove the project paths though.
My rights don't end where your fear begins.
(Score: 3, Interesting) by vali.magni on Wednesday April 07 2021, @05:00PM (10 children)
I'm on the fence about Rust. It's an interesting language, but I'm not sold. The learning curve is steep. Modern C++ can do a lot of things that Rust can. C++ comes with battle tested frameworks and algorithms, together with excellent tooling, profiling and integration.
I attempted learning and using Rust for about 6 months on some side projects, but Golang and plain old C++ did the job more easily with code that's easier to read and maintain.
Do others here see any killer uses for Rust where no other language will do?
(Score: 2) by hendrikboom on Wednesday April 07 2021, @09:29PM (8 children)
The only advantage Rust has over Go as far as I can see is the absence of garbage collection pauses. There are few applications for which garbage collection pauses are a problem.
(Score: 0) by Anonymous Coward on Wednesday April 07 2021, @11:49PM
Anything real-time or memory constrained can't use tracing collection. TC requires at least 4x the memory to get those pauses down to a reasonable level. Even reference counting is preferable in most cases and even those few exceptions tend to work better with a hybrid approach. Note that Rust also started with a tracing collector but then moved to reference counting and then to their current system due to the performance increases they got from each switch.
(Score: 2) by istartedi on Thursday April 08 2021, @12:58AM (6 children)
The big advantage of Rust isn't that. It's the "safe by default" approach. You have to explicitly do dangerous things, and most programs don't need to use unsafe constructs.
Understanding how safety works in Rust is one big hurdle you have to leap, along with a syntax that has some heritage from the ML family of languages and is thus not everybody's cup of tea. I myself haven't leapt in to it. Yes. I love Rust though. I love the fact that other people are using it. :)
Appended to the end of comments you post. Max: 120 chars.
(Score: 0) by Anonymous Coward on Thursday April 08 2021, @02:15AM (4 children)
This comment points to my least favorite thing about Rust. Rust insisted on using the idea of safe/unsafe and branding as "safe by default." There are plenty of dangerous things you can do in "safe" mode that includes memory bugs. But what happens is that a number of people don't know the nuances of what is and isn't safe so then they have a false sense of security because they aren't coding "unsafe."
(Score: 1) by The Mighty Buzzard on Thursday April 08 2021, @03:14AM (1 child)
It's not perfect but it really is quite good at keeping a noob from the majority of ways to completely fuck the dog memory-safety-wise.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Thursday April 08 2021, @10:21AM
Of course not, and we don't disagree on that. But the problem is that a number of evangelize it as being perfect or give its limits unclearly and, as a result, a number of people accept that and believe to be perfect or with misunderstandings as to its limits. They love it because it is the most perfect language in its class because of that. Ironically, this leads to so much hate because you end up with people butting heads and talking past each other on its main differentiator from similar languages, which just breeds frustration that is then imputed on the language and the supporters efforts to improve it just make the situation worse because of their bad messaging.
(Score: 0) by Anonymous Coward on Friday April 09 2021, @06:20AM (1 child)
The only possible memory bug in safe mode is a lost cycle.
(Score: 0) by Anonymous Coward on Friday April 09 2021, @08:00AM
Keep telling yourself that. [github.com] And those are just the violations of the memory guarantees they attempt to provide that they know of and not the memory bugs that they don't know or that fall outside of said guarantees.
(Score: 2) by hendrikboom on Saturday April 10 2021, @09:19PM
There have been older languages that are safe by default Modula 3, for example, has been around for decades. What distinguished Rust is that it does it without garbage collection pauses.
-- hendrik
(Score: 1) by The Mighty Buzzard on Thursday April 08 2021, @02:25AM
The learning curve isn't really all that steep, there are only a few very atypical but important things you really have to get your head around and then it's just code like any other code. Get lifetimes and ownership squared away in your head and you'll have it down well enough to code it professionally. Assuming you're already capable of coding something else professionally, that is.
My rights don't end where your fear begins.
(Score: 0) by Anonymous Coward on Thursday April 08 2021, @05:56AM
Does rust force you to put stuff in your home directory? I normally don't put such stuff in my home directory.
I doubt most developers share their development boxes with other people nowadays. So if you're not one of the unlucky people incapable of doing it, just put the stuff elsewhere: /opt/src/rust, /work/rust or whatever. I don't care if potential attackers know these abs paths.