Re: [GNUnet-developers] Why old-school C?

[Andrew Cann]

@Ed

Christian mentioned gnunet-rust which is here
(https://github.com/canndrew/gnunet-rs). It's an early work-in-progress which
consists mainly of bindings to the existing C libraries but with some parts
reimplemented. If you want to expand it any way I'm happy to accept pull
requests. Rust is probably the best language around for combining safety with
low-level systems programming so it sounds like the sort of thing you're
looking for.

@Christian

> even though I personally think the choice of language is not the most 
> critical security issue today

I personally think the importance of choice of language is hard to overstate.
If your language's compiler treats any potential buffer overflow as an error
then you've eliminated buffer overflows from your code for all and forever.
Rust also permabans null pointer dereferences, dangling pointers and most kinds
of race condition. Then there's languages with even more advanced type systems
that let you do things like reason about the behaviour of processes
communicating over a network and prove that certain conditions hold. Apparmor
profiles and disciplined development will never be as good as having this kind
of static analysis built into the language.

I'm not saying the GNUnet devs should all switch to fancy-language-of-the-day,
that's not practical. Just that if they did then security (and bugs in general)
would pretty much be a solved problem.

 - Andrew

signature.asc
Description: Digital signature