New Linux glibc flaw lets attackers get root on major distros

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com

  1. rust

    Empowering everyone to build reliable and efficient software.

    Mind you that there is a runtime overhead.

    If we look at access beyond a slice's boundary:

    https://github.com/rust-lang/rust/blob/ea37e8091fe87ae0a7e20...

    This bounds check is what enables Rust code to fail with a panic vs continuing (which is what triggers a lot of bugs).

    Post about the impact on performance: https://blog.readyset.io/bounds-checks/

  3. c-ward

    An implementation of libc written in Rust

    Yeah it would. There are a few attempts, such as C-gull (https://github.com/sunfishcode/c-ward/tree/main/c-gull#readm...).

    > c-gull is a libc implementation. It is an implementation of the ABI described by the libc crate.

    > Currently it only supports --linux-gnu ABIs, though other ABIs could be added in the future. And currently this mostly focused on features needed by Rust programs, so it doesn't have all the C-idiomatic things like qsort yet, but they could be added in the future.

  4. zig

    General-purpose programming language and toolchain for maintaining robust, optimal, and reusable software.

    It's not so unusual to write the C runtime library in a different language.

    E.g. Zig is getting a libc written in Zig:

    https://github.com/ziglang/zig/issues/514

    Rust would work too of course.

  5. chromium

    The official GitHub mirror of the Chromium source

    On Linux, Chromium uses setuid or user namespaces to restrict the access of sandboxed components and seccomp-bpf to reduce the kernel attack surface.

    Check out the Chromium docs on this topic: https://chromium.googlesource.com/chromium/src/+/HEAD/docs/l...

  6. postfix

    Postfix MTA by Wietse Venema

    FWIW C can do it too to some extent, here's postfix: https://github.com/vdukhovni/postfix/blob/master/postfix/src...

  7. rust-playground

    The Rust Playground

    Overflow checks turn into two's complement wrapping, but that's only considered acceptable because bounds checks are not turned off.

    https://play.rust-lang.org/?version=stable&mode=release&edit...

NOTE: The number of mentions on this list indicates mentions on common posts plus user-suggested alternatives. Hence, a higher number means a more popular project.
