Very interesting and understandable explanations of low-level architecture and filesystems, namespaces, userspace, kernel functions, drivers, etc.

Highly recommend!

  • KSP Atlas@sopuli.xyz
    6 months ago

    Redox doesn't seem secure at all to me. I tried it out in a VM today and there was a publicly accessible file at the root of the file system containing unhashed credentials.

    • boredsquirrel@slrpnk.netOP
      6 months ago

      Very interesting, please report that to them, it may be because of some experimental stage.

      For example, installation media need some form of accessible first user creation. Anaconda etc. may be more advanced here.

  • massivefailure@lemm.ee
    6 months ago

    The biggest lie of programming these days is just because something is coded in [trendy “secure” language of the day, including Rust] means it’s secure. Bullcrap. It’s how you code things that makes it secure or not. You can be proficient enough in C to make programs that are much more secure vs. Rust. The fact that everyone makes mistakes and programming is an enormous beast to wrangle with makes things insecure and needs to be monitored and fixed.

    • wargreymon2023@sopuli.xyz
      6 months ago

      Nope, Rust is ideal for kernel code, it really is an improvement.

      Writing a kernel in C is like building a house with a hammer with a loose handle: there is too much give and the builder has to tap it a few times before every strike. You could say the builder knows how to build and secure a house, but he's still a human. The loose handle adds too much difficulty, resulting in errors which would otherwise be avoided.

      • massivefailure@lemm.ee
        6 months ago

        Right here is what I’m talking about. People believe that the code/language itself is inherently safe/secure or unsafe depending on what you choose and that’s wrong. It’s what the programmer does with that code that makes it safe or unsafe, secure or insecure. You can have the best designed and engineered materials on the planet and people are still going to be able to make things that will fall over and cause massive disasters with it. Stop bowing down to freaking Rust as if it’s the damn savior of computing and programming. In the end, it’s just another language and one more step removed from low level computing where it’s easiest to deal with hardware-level and basic functionality systems at a huge cost.

        • boredsquirrel@slrpnk.netOP
          6 months ago

          This means there are C functions that are documented and used, but insecure.

          In Rust there is simply an enforcement of certain conventions, which will make code cleaner and prevent a whole class of errors.

          • massivefailure@lemm.ee
            6 months ago

            No one who knows anything about C uses insecure functions without having a good reason and a good foundation around them to keep them secure. The functions are there to allow C to have maximum flexibility and low-level access to a system. For the most part, these shouldn’t be used, and any decent C programmer knows that. Comparing that with Rust where people think the entire language is inherently safe and have zero awareness of what they might be doing is laughably insecure is the heart of the problem.

            Been programming longer than most of you have been alive, kids. Keep on defending your hacked together tricycle language and then crying when you manage to tip it over because of your overconfidence.

    • TheAnonymouseJoker@lemmy.ml
      6 months ago

      madaidan and a lot of security clowns in FOSS/privacy community unironically claim that is how security works. However, it is true Rust is far better than C/C++ for security, if thousands of people are coding. Not everyone is going to be the best security programmer in the world.

    • steeznson@lemmy.world
      6 months ago

      The Rust standard lib uses unsafe in various places too. Even if you avoided every other category of error in your code logic, you could still end up with UB.

    • witx@lemmy.sdf.org
      6 months ago

      You’re just partially correct.

      With Rust you get compile time guarantees that your code doesn’t have a specific class of vulnerabilities. Can you do that with C?

        • witx@lemmy.sdf.org
          6 months ago

          Ahah, I’m pretty sure many of the programmers on Linux et al. that worked on code with CVEs are still better programmers than you will ever be. The fact is that a lot of projects are just complex and they are hard to reason about in languages like C.

          But I guess you know that. Keep trolling.

          • massivefailure@lemm.ee
            6 months ago

            ALL CODE CAN HAVE BUGS BECAUSE WE ARE ALL HUMAN. NO ONE IS DENYING THAT.

            But thinking that Rust is inherently safer is actually trolling. I don’t care what you’re doing or who you are, you can make a gigantic security hole in ANY language, including Rust, and there’s zero difference. If you really think people are going around screwing up in C more than people are screwing up in Rust, particularly because they feel like “RUST IS SAFER I CAN DO ANYTHING”, you’re delusional.

            • witx@lemmy.sdf.org
              6 months ago

              You are not very consistent, first you imply that not “being a shitty programmer” is the fix for security issues in C. And then you say that any programmer can and will make mistakes…

              Again you refuse to see my argument: yes, I agree that viewing Rust, or any other language, as being a panacea is wrong and following the hype. But Rust is provably better than C w.r.t. memory safety issues because it, provably, finds memory issues during compile time. I’m not discussing other types of security issues.

              Yes C needs all that “freedom” with memory due to its low level use cases, but Rust is proving that it can also cover those cases (with the unsafe keyword) and cover the opposite cases where you want more strict memory usage and safety, so much so that you see now operating systems and firmware being developed in it. I won’t argue and compare performance as I don’t know enough.

              You could argue that Rust, by providing the “unsafe” keyword, can and will have memory issues, but IMO the fact that you need to enclose unsafe operations in a scope allows for more focused reviewing and auditing.

              • massivefailure@lemm.ee
                6 months ago

                Sick of debating you people on this. You can’t understand basic logic which tells me right away that you’re either not a programmer or a really bad one, or, more likely, you have some sort of investment in the language’s success.

                There’s no conflict in the statements that you need to be a good C programmer and that it’s impossible to be a perfect programmer. This non-argument is you either not understanding common sense and logic, or you grasping at straws in the vain hope that people will think you’re right because you’re so obsessed with your language of the year that will be forgotten soon enough and replaced with, again, C and other traditional, good, useful languages.

                I don’t know which is the case, but the frenzied, unhinged way you’re trying to defend Rust makes me think you have an investment in the language in some way, which makes your argument invalid. I have no such attachments.

                If you can’t understand such common sense arguments, I can’t believe that you even know how to write “Hello World” in any language.

                • witx@lemmy.sdf.org
                  6 months ago

                  You keep coming up with insults or inflammatory comments instead of answering the points, when I’m just trying to have a discussion of ideas. I don’t understand why I am being unhinged when I even agreed with you partially.

                  I’m not a Rust programmer, I just play occasionally with it on pet projects. The languages I’m most experienced in are C++ and then C, I have no “horse in the race” of Rust, and I don’t see C/C++ going away anytime soon, I just see what the language improves on them.

    • TMP_NKcYUEoM7kXg4qYe@lemmy.world
      6 months ago

      What benefit would it provide though? It’s a microkernel so you could just add non-free drivers in the userspace. Things like Playstation would choose BSD instead.

        • TMP_NKcYUEoM7kXg4qYe@lemmy.world
          6 months ago

          Sure but protect from what? Apple, Sony and Microsoft can just use BSD or any other proprietary kernel. Nobody will try to create the “new proprietary Linux” out of it because getting OS market share is hard even for an Open Source standard like Linux, let alone for some proprietary crap.

          A potential issue is someone like Qualcomm who makes their own proprietary fork which works on their hardware only. So instead of digging through the tens of thousands of lines of code which Qualcomm publishes for their out of tree Linux kernels, you can only reverse engineer. But again we are talking about a microkernel so most of these lines of code would be proprietary regardless. At least we save time of these crazy developers who try to bring out of tree stuff into mainline.

          • Adanisi@lemmy.zip
            6 months ago

            It stops parts of Linux becoming proprietary, and becoming the dominant version users interact with. Comparisons with other kernels are irrelevant.

        • TMP_NKcYUEoM7kXg4qYe@lemmy.world
          6 months ago

          If your point is that it would need some kind of license that would prevent proprietary drivers, then I’m not really sure how lawyers would differentiate between drivers and straight up non-free apps running on it.

          • acockworkorange@mander.xyz
            6 months ago

            GPL v3 prevents mechanisms that interfere with the ability of the end user to replace the free firmware of a device, like accepting only signed firmwares. It’s an “anti-TiVo” thing. It won’t prevent proprietary drivers, but any device distributed with it must not prevent the user from making their own drivers to replace them.

            There isn’t a real solution that would work for user space drivers. At least not yet. But just like GPL v3 rose from TiVo, if this becomes an issue I’m sure the lawyers of FSF will come up with something, and Linus and a lot of other folk will hate it.

    • fruitycoder@sh.itjust.works
      6 months ago

      What about MPL? That seems more accepted in the Rust space.

      Agreed though, I don’t know what the obsession with some of Rust-based GNU project placement stuff on going backwards on copyleft. Like I want to contribute to the next Linux not the next base for an Apple to take over and write a nice footnote about.