I’m not writing this to criticize the uutils team. Quite the contrary; I actually want to thank them for sharing the audit results in such detail so that we can all learn from them.
Another stupendous reason to GPL uutils so that the decades of experience of hundreds of system programmers can be leveraged in the rewrite.
This is an excellent article that breaks down common pitfalls and provides really concise rules for avoiding them. It’s a great read if you’re into systems programming.
As someone who is not at all into programming, this title made me genuinely think I had a stroke.
Those are bugs I don’t think any programming language catches, unless it’s a DSL for writing such programs on Linux or another OS.
It could be improved. Sebastian Wick and Lennart Poettering made comments on how hard POSIX makes it to be secure. There are better APIs that try to be safer.
- https://blog.sebastianwick.net/posts/how-hard-is-it-to-open-a-file/
- https://mastodon.social/@pid_eins/116459585811044061
And since uutils is not Linux only, it can’t use these safer APIs directly, or at least not without writing more platform-specific code.
Some of them seem to be harder to fix or to get right in Rust than C though. Mostly due to “convenience” methods that make application writing easier.



