Proposal: Security Working Group

Yep, although the examples you mention are rustc implementations, it is a good point. Other platform mitigation examples can be found here.

All those mitigations you mention are there to prevent chained memory exploits, which shows you how terrible C/C++ coding is at memory management. The interesting thing is that, if you can ensure memory management is done 100% correctly, all those mitigations become unnecessary.

Continuing from my earlier discussion with the platform mitigations as example:

Since Rust has been shown to provide muuuuch better memory management, everything else security-wise suddenly becomes more important. It's the equivalent of living in a bad neighbourhood with a flimsy front door (C/C++); then you go out and get a 2-inch thick front door forged of Mithril in the fires of Balrog, and suddenly the fact that the windows don't have bars and the roof tiles are loose becomes a much bigger problem. Rinse and repeat with more Balrog huffing and puffing and you'll eventually end up with a rather nifty house that no wolf would ever be able to blow over. And we're just past the front-door upgrade at the moment.

It should be clear, however, that a 10-inch front door (piling more and more security on rustc) won't solve the windows-without-bars problem in this analogy.
