Create accountLogin

Recent searches

No recent searches

Search options

Only available when logged in.
hachyderm.io is one of the many independent Mastodon servers you can use to participate in the fediverse.
Hachyderm is a safe space, LGBTQIA+ and BLM, primarily comprised of tech industry professionals world wide. Note that many non-user account types have restrictions - please see our About page.

Administered by:

Server stats:

9.4K
active users

hachyderm.io: AboutStatusProfiles directoryPrivacy policy

Mastodon: AboutGet the appKeyboard shortcutsView source codev4.3.7

Public
Ariadne Conill 🐰:therian:

you know, the thing that makes the "improved safety" claim of sudo-rs exceptionally bullshit isn't even the fact that the sudo config is undecidable

it's that it depends on PAM, and consumes PAM modules, which are inherently unsafe

Public
Ariadne Conill 🐰:therian:

to be clear, just because you wrote a tool in rust does not mean that tool is actually memory safe. if you pull in dependencies, like PAM, which are *known* to be memory unsafe *by design*, then your tool cannot possibly be memory safe.

Ross Burton

@ariadne vibes of Python-crytpography which is rust for “safety”, despite gluing cputhon to OpenSSL.

Sep 03, 2023, 07:59 AM·Public·Mastodon for iOS
0boosts·2favorites
Public
Ariadne Conill 🐰:therian:

@ross in fairness they plan to start dropping the OpenSSL bits over time

Public
Haelwenn /элвэн/ :triskell:
@ross @ariadne And how rustls depends on ring which you likely do not want to have. (No releases since 2021; C and Assembly code from whatever snapshot of BoringSSL; …)
ExploreLive feeds
About