On 04/30/2016 03:04 PM, ra...@openmailbox.org wrote: > On 2016-04-30 11:47, Kajetan Jasztal wrote: >> how about servo[1]? aims for memory security and fast parallel rendering >> >> [1] https://servo.org/ > > There is a lot of hype about rust being 'memory safe' but where is the > proof?
AFAICT, Patina [1] is a formalization of rust being memory safe, if there is no "unsafe" parts. > [...] To get closer to the original topic, I think rust is among the best choices for a webkit replacement. A webkit replacement *will* be huge, bloated and sucky. It's pretty sad, but most of us need a way to access sucky websites that won't work without javascript enabled (bank websites, I'm looking at you). Now, why would rust be a good language for this? The mere fact that it's memory safe by default means a whole class of vulnerabilities just vanish. And one of the largest surface of interaction of your computer with the outer world being through the browser, it's usually a good idea to keep it as safe as possible. A webkit replacement written in C would need to have its entire codebase audited for memory flaws. One in rust needs to be audited only in unsafe blocks. For servo, that means a decrease of 99% of the work to be done, if I understand correctly your sentence. Sure, rust sucks. rustc can't be compiled without a rust compiler, trying to go back in time to find one that can leads to an OCaml source, and trying to go back the OCaml compilers to find the initial one you fall upon LeLisp. So there is most likely no way to build a rust compiler from a c compiler at the moment. This sucks. Rust is slow to compile. This sucks. Sometimes you know what you are doing, but rust tells you it is not thread-safe even when you know you have only one thread. This sucks. But rust at least gives you a bit of free safety, which is what I crave most for in a web browser. And in my opinion, rust is one of the less wrong alternatives to C. [1] ftp://ftp.cs.washington.edu/tr/2015/03/UW-CSE-15-03-02.pdf
signature.asc
Description: OpenPGP digital signature
