Linux

53325 readers

511 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
No misinformation
No NSFW content
No hate speech, bigotry, etc

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago

MODERATORS

AgreeableLandscape@lemmy.ml

nooter692@lemmy.ml

MarcellusDrum@lemmy.ml

cypherpunks@lemmy.ml

cyclohexane@lemmy.ml

d3Xt3r@lemmy.nz

Ubuntu explores replacing gnu utils with rust based uutils (www.cyberciti.biz)

submitted 4 weeks ago by Zenlix@lemm.ee to c/linux@lemmy.ml

10 comments fedilink hide all child comments

At first I was sceptical, but after a few thought, I came to the solution that, if uutils can do the same stuff, is/stays actively maintained and more secure/safe (like memory bugs), this is a good change.

What are your thoughts abouth this?

you are viewing a single comment's thread
view the rest of the comments

[–] zaemz@lemmy.world 0 points 4 weeks ago (3 children)

I personally don't see the point.

[–] 0x0@programming.dev 1 points 3 weeks ago

See other comments: all these rewrites are not using the GPL but rather permissive licenses like MIT. Bye-bye FOSS (in those ecosystems).

[–] lord_ryvan@ttrpg.network 1 points 3 weeks ago (1 children)

Mainly memory safety; split (which is also used for other programs like sort) had a memory heap overflow issue last year to name one. The GNU Coreutils are well tested and very well written, the entire suite of programs has a CVE only once every few years from what I can see, but they do exist and most of those would be solved with a memory and type safe language.

That said, Rust also handles parallelism and concurrency much better than C ever could, though most of these programs don't really benefit from that or not much since they already handled this quite well, especially for C programs.

[–] 0x0@programming.dev 1 points 3 weeks ago (1 children)

but they do exist and most of those would be solved with a memory and type safe language.

Maybe.

Still, there are other sources of bugs beyond memory management.

And i'd rather have GPL-ed potentially unsafe C code to... closed-source Rust code.

[–] ParetoOptimalDev@lemmy.today 1 points 3 weeks ago

The Rust code isn't closed source, but I'd strongly prefer a coreutils replacement to use GPL over MIT as well.

[–] ParetoOptimalDev@lemmy.today 0 points 3 weeks ago (1 children)

I fear moving away from GPL that moving to Rust seems to bring, but Rust does fix real memory issues.

Take the recent rsync vulnerabilities for example.

https://www.cyberciti.biz/linux-news/cve-2024-12084-rsyn-security-urgent-update-needed-on-unix-bsd-systems/#more-2215

At least this one in a Rust implementation of rsync would have very likely been avoided:

CVE-2024-12085 – A flaw was found in the rsync daemon which could be triggered when rsync compares file checksums. This flaw allows an attacker to manipulate the checksum length (s2length) to cause a comparison between a checksum and uninitialized memory and leak one byte of uninitialized stack data at a time. Info Leak via uninitialized Stack contents defeats ASLR.

[–] 0x0@programming.dev 1 points 3 weeks ago

I fear moving away from GPL that moving to Rust seems to bring, but Rust does fix real memory issues.

So you prefer closed-source code to potentially unsafe open-source code?

Take the recent rsync vulnerabilities for example.

Already fixed, in software that's existed for years and is used by millions. But Oh no, memory issues, let's rewrite that in ! will surely result in a better outcome.