Hacker News new | past | comments | ask | show | jobs | submit login

Surely they did happen, a tiny set, meanwhile the C flaws that allowed the Morris worm to happen 30 years ago, are still present in C11 being written today.



Current compiler and OSes have some protections to avoid that precisely.

It won't be that easy.


Apparently it is, given the exploits presented at CCC talks.

Or the ones given by Google and Microsoft at Linux Kernel Security Summit 2018 and 2019.


I use OpenBSD, other OS'es focusing on performance over security doesn't interest me. Except 9front, but because of the huge networked grid as a bare computer.

But in OpenBSD even plan9port compiled software is done with Retguard:

>nm $HOME/Docs/c/p9p/9.aecho | grep retpo

00003150 t __llvm_retpoline_r11

https://undeadly.org/cgi?action=article&sid=20170819230157

It makes using acid(1) in OpenBSD a bit more difficult, but I almost always omit that.


I advise you to watch the CCC talk about validation of OpenBSD exploit mitigation features.

Yes, it is great that OpenBSD values security over performance, but as the talk shows, not every security feature is as secure in practice as OpenBSD sells it.


Ok, will do. Still Rust is not magical, even if it helps a lot.


Rust is not the only option to get rid of C, there are plenty to choose from.

Neither of them are magical.

All of them don't suffer from memory corruption, UB and use-after-free like C does.


There are a number of attacks that retguard can’t help with.




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: