284

From BeepingComputer.

you are viewing a single comment's thread
view the rest of the comments
[-] qaz@lemmy.world 127 points 1 year ago* (last edited 1 year ago)

A new Linux vulnerability known as 'Looney Tunables' enables local attackers to gain root privileges by exploiting a buffer overflow weakness in the GNU C Library's ld.so dynamic loader.

It’s always memory management

[-] Molecular0079@lemmy.world 124 points 1 year ago

It’s always memory management

No wonder everyone's crazy about Rust.

[-] greybeard@lemmy.one 62 points 1 year ago

It's certainly why it is being used to build browsers and OSs now. Those are places were memory management problems are a huge problem. It probably doesn't make sense for every match 3 game to be made in Rust, but when errors cause massive breaches or death, it's a lot safer than C++, taking human faulability into account.

[-] agressivelyPassive@feddit.de 21 points 1 year ago

Question would be rather: why is something like C++ needed for such simple apps?

C++ seems to be in that weird in-between place of offering high level features to be reasonable productive, but still doesn't enforce/guarantee anything to make these features safe. I'd argue, very few programs need that. Either you're writing business stuff, then you want safety (Java, C#, rust), or you're writing embedded/low level stuff, then you want control (C, ASM).

The room for "productive, but not interested in safety" is basically just AAA games, I guess.

[-] intelati@programming.dev 10 points 1 year ago

C is almost the old "steady" standard now it feels like. It's so flexible and the frameworks are already built..

[-] entropicdrift@lemmy.sdf.org 15 points 1 year ago

...except that we also end up with cracks in our foundations like this exploit constantly being exposed as a result of all that C

[-] teawrecks@sopuli.xyz 7 points 1 year ago

Well you're not going to write asm if you want your code to be portable at all, and believe it or not C++ has a lot of features to help you not shoot yourself in the foot that C doesn't have (ex. OOP, RAII, smart pointers).

C wasn't really designed with dynamic memory management in mind. It was designed for someone who has absolute control over a machine and all the memory in it. malloc() and free() are just functions that some environments expose to user mode processes, but C was never designed to care where you got your memory or what you do with it.

[-] kylian0087@lemmy.world 8 points 1 year ago

What makes rust so resiliant against these types of atacks?

[-] lloram239@feddit.de 11 points 1 year ago* (last edited 1 year ago)

C has no memory protection. If you access to the 10th element of a 5 element array, you get to access whatever is in memory there, even if it has nothing to do with that array. Furthermore this doesn't just allow access to data you shouldn't be able to access, but also the execution of arbitrary code, as memory doesn't make a (big) difference between data and code.

C++ provides a few classes to make it easier to avoid those issues, but still allows all of them.

Ruby/Python/Java/... provide memory safety and will throw an exception, but they manually check it at runtime, which makes them slow.

Rust on the other side tries to proof as much as it can at compile time. This makes it fast, but also requires some relearning, as it doesn't allow pointers without clearly defined ownership (e.g. the classic case of keeping a pointer to the parent element in a tree structure isn't allowed in Rust).

Adding the safeties of Rust into C would be impossible, as C allows far to much freedom to reliably figure out if a given piece of code is safe (halting problem and all that). Rust purposefully throws that freedom away to make safe code possible.

[-] ziviz@lemmy.sdf.org 7 points 1 year ago

The short answer is Rust was built with safety in mind. The longer answer is C was built mostly to abstract from assembly without much thought to safety. In C, if you want to use an array, you must manually request a chunk of memory, check to make sure you are writing within the bounds of your array, and free up the memory used by your array when completely done using it. If you do not do those steps correctly, you could write to a null pointer, cause a buffer overflow error, a use-after-free error, or memory leak depending on what step was forgotten or done out of order. In Rust, the compiler keeps track of when variables are used through a borrowing system. With this borrowing system the Rust compiler requests and frees memory safely. It also checks array bounds at run-time without a programmer explicitly needing to code it in. Several high-level languages have alot of these safety features too. C# for example, can make sure objects are not freed until they fall out of scope, but it does this at run-time with a garbage collector where Rust borrower rules are done at compile-time.

[-] AffineConnection@lemmy.world 1 points 1 year ago* (last edited 1 year ago)

C was built mostly to abstract from assembly

That’s actually not true; rather, many modern architectures are designed to allow languages like C to be compiled more easily. Old architectures don’t even have a built-in stack.

[-] mmstick@lemmy.world 5 points 1 year ago* (last edited 1 year ago)

The compiler enforces "aliasing XOR mutability"; utilizes "move semantics"; has a "borrowing and ownership" model; and requires the programmer to tag their references with "lifetimes". Array accesses are checked at runtime if they cannot be guaranteed safe at compile-time. Variables passed by value (moved) cannot be reused. Variables cannot be moved or mutated if any borrow to them exists. You may either have only one mutable borrow, or many immutable borrows, but never both. Therefore you cannot mutate an array while iterating on it, and you cannot have two separate unchecked references to the same array. Every function or type that accepts a borrow must be able to annotate the lifetimes of references to ensure that references are always dropped in the correct order to prevent dangling references. Rust requires developing software with discipline using patterns that satisfy all of these constraints.

[-] Eezyville@sh.itjust.works 36 points 1 year ago

Didn't Microsoft do a study on security vulnerabilities and found that the overwhelmingly number of bugs was due to memory management?

[-] kryllic@programming.dev 27 points 1 year ago
[-] qaz@lemmy.world 14 points 1 year ago* (last edited 1 year ago)

That was the what I was thinking of when I wrote the comment. The CTO of Azure also said that he deems C++ in it’s entirety to be deprecated. I felt it was an exaggeration at first but I’ve started to agree with him recently.

Google also noticed a 33% decrease in Google Home crashes caused by NullPointerExceptions after switching to Kotlin. They have also declared Kotlin to be the preferred language for android.

It seems like the industry is shifting towards “safer” languages.

[-] Snowplow8861@lemmus.org 4 points 1 year ago

I'm not in America but the organisation for NIST recommends it in guidance now and its getting backing by the nsa

https://www.nsa.gov/Press-Room/News-Highlights/Article/Article/3215760/nsa-releases-guidance-on-how-to-protect-against-software-memory-safety-issues/

https://www.zdnet.com/article/nsa-to-developers-think-about-switching-from-c-and-c-to-a-memory-safe-programming-language/ https://www.malwarebytes.com/blog/news/2022/11/nsa-guidance-on-how-to-avoid-software-memory-safety-issues

I see this becoming required in the future for new projects and solutions when working for new governnent solutions. The drum is certainly beating louder in the media about it.

[-] MonkderZweite@feddit.ch 13 points 1 year ago

See? All code sucks.

this post was submitted on 04 Oct 2023
284 points (99.0% liked)

Linux

48366 readers
1630 users here now

From Wikipedia, the free encyclopedia

Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).

Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.

Rules

Related Communities

Community icon by Alpár-Etele Méder, licensed under CC BY 3.0

founded 5 years ago
MODERATORS