Mind you that there is a runtime overhead.
If we look at access beyond a slice's boundary:
https://github.com/rust-lang/rust/blob/ea37e8091fe87ae0a7e20...
This bounds check is what enables Rust code to fail with a panic vs continuing (which is what triggers a lot of bugs).
Post about the impact on performance: https://blog.readyset.io/bounds-checks/
Yeah it would. There are a few attempts, such as C-gull (https://github.com/sunfishcode/c-ward/tree/main/c-gull#readm...).
> c-gull is a libc implementation. It is an implementation of the ABI described by the libc crate.
> Currently it only supports --linux-gnu ABIs, though other ABIs could be added in the future. And currently this is mostly focused on features needed by Rust programs, so it doesn't have all the C-idiomatic things like qsort yet, but they could be added in the future.
It's not so unusual to write the C runtime library in a different language.
E.g. Zig is getting a libc written in Zig:
https://github.com/ziglang/zig/issues/514
Rust would work too of course.
On Linux, Chromium uses setuid or user namespaces to restrict the access of sandboxed components and seccomp-bpf to reduce the kernel attack surface.
Check out the Chromium docs on this topic: https://chromium.googlesource.com/chromium/src/+/HEAD/docs/l...
FWIW C can do it too to some extent, here's postfix: https://github.com/vdukhovni/postfix/blob/master/postfix/src...
Overflow checks turn into two's complement wrapping, but that's only considered acceptable because bounds checks are not turned off.
https://play.rust-lang.org/?version=stable&mode=release&edit...
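An added example, not taken from any of the comments or linked code above: it shows how a wrapped index interacts with the slice bounds check. The function names and the sample buffer are constructed for illustration, and `wrapping_add` stands in for release-mode arithmetic with overflow checks off so the behaviour is the same in any build profile.

```rust
use std::panic;

/// Models index arithmetic in a build with overflow checks disabled:
/// the sum wraps modulo 2^N instead of panicking.
fn release_style_index(base: usize, offset: usize) -> usize {
    base.wrapping_add(offset)
}

/// Checked lookup: `get` returns None when the (possibly wrapped)
/// index falls outside the slice.
fn read_checked(buf: &[u8], base: usize, offset: usize) -> Option<u8> {
    buf.get(release_style_index(base, offset)).copied()
}

/// Plain indexing: the bounds check inserted for `buf[idx]` panics on a
/// bad index. The panic is caught here and reported as Err(()) to show
/// that the out-of-bounds read never takes place.
fn read_indexed(buf: &[u8], base: usize, offset: usize) -> Result<u8, ()> {
    let idx = release_style_index(base, offset);
    panic::catch_unwind(|| buf[idx]).map_err(|_| ())
}

fn main() {
    // Constructed sample buffer.
    let buf = [10u8, 20, 30, 40];

    // The wrapped index lands inside the slice: the value is logically
    // wrong for the caller, but the read stays within `buf`.
    println!("wrapped, in bounds:   {:?}", read_checked(&buf, usize::MAX, 3));

    // The index lands outside the slice: checked access yields None.
    println!("out of bounds (get):  {:?}", read_checked(&buf, 2, 2));

    // Same situation with plain indexing: a panic instead of a stray read.
    println!("out of bounds ([]):   {:?}", read_indexed(&buf, usize::MAX - 1, 1));
}
```

The first case is the one to watch for in review: wrapping produces a valid but unintended index, so the bounds check keeps the access memory-safe without making the result correct.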