You exude vibes of someone who would’ve opposed the move from assembly to C …
Developers are well aware of the risks of re-writting, and I have seen no one say Rust is bug or cve free on compile time. But you do have higher guarantees that a certain class of vulnerabilities do not exist or it is easier to narrow down where they might be. Stop spreading FUD
If you had an ancient utility in assembly that did exactly what you wanted and no particular issues, then it would have been a dubious decision to rewrite in C.
Of course, the relative likelyhood of assembly code actually continuing to function across the evolution of processor instruction sets is lower than C, so the scenario is a bit trickier to show in that example.
However, there are two much more striking examples:
COBOL continues to be used in a lot of applications. Because the COBOL implementations work and while it would be insane to choose COBOL for them now if they were to start today, it’s also insane to rewrite them and incur the risks when they work fine and will continue working.
Similarly, in scientific computing there’s still a good share of Fortran code. Again, an insane choice for a new project, but if the implementation is good, it’s a stupid idea to rewrite.
There’s not a lot of reason to criticisize the technical merits of Rust here, nor even to criticize people for choosing Rust as the path forward on their project. However the culture of ‘every thing must be rewritten in Rust’ is something worthy of criticism.
Chiming in for something unrelated. Fortran is actually pretty cool and if you need to do a lot of number crunching for scientific calculations starting a project in Fortran is not that bad.
I started working on Fortran04 and back then I really couldn’t see any advantage of c++ if we’re talking computations. Now with Fortran23 we’re talking about quite a modern language.
I mean, if you’re considering Fortran for a project your only other likely choice is c++, and I tell you Fortran feels much smoother and easy to work with if you have to do calculations. I guess if you don’t worry about it being new you could consider Julia, but for many applications Fortran still has its well deserved spot.
Can someone explain to me why Rust enthusiasts are so evangelical about it? I get that it’s memory safe, OK - super great. But rewriting a stable, small-but-important legacy tool doesn’t seem like a good place to prove its worth. Surely there are a million better places? And yet when I heard about this, it totally seemed to track. I’ve never touched Rust but I already find its proponents to be strangely focused on it. I never felt such religious zeal with regard to a programming language.
Firstly, Rust doesn’t need to “prove its worth.” It’s been in use in prod in other contexts for years.
Secondly, sudo is still actively getting a decent number of commits every month and has been riddled with bugs. For instance, just a few months ago there was a critical privilege escalation vuln. This rewrite is stripping out functionality that is deemed unnecessary.
sudo isn’t a coreutil. It’s also got a number of replacements that do pretty much the same thing (doas, run0, etc.), so I wouldn’t even call it one of the most important.
You exude vibes of someone who would’ve opposed the move from assembly to C …
Developers are well aware of the risks of re-writting, and I have seen no one say Rust is bug or cve free on compile time. But you do have higher guarantees that a certain class of vulnerabilities do not exist or it is easier to narrow down where they might be. Stop spreading FUD
And before you try: nop I’m not a Rust developer
If you had an ancient utility in assembly that did exactly what you wanted and no particular issues, then it would have been a dubious decision to rewrite in C.
Of course, the relative likelyhood of assembly code actually continuing to function across the evolution of processor instruction sets is lower than C, so the scenario is a bit trickier to show in that example.
However, there are two much more striking examples: COBOL continues to be used in a lot of applications. Because the COBOL implementations work and while it would be insane to choose COBOL for them now if they were to start today, it’s also insane to rewrite them and incur the risks when they work fine and will continue working.
Similarly, in scientific computing there’s still a good share of Fortran code. Again, an insane choice for a new project, but if the implementation is good, it’s a stupid idea to rewrite.
There’s not a lot of reason to criticisize the technical merits of Rust here, nor even to criticize people for choosing Rust as the path forward on their project. However the culture of ‘every thing must be rewritten in Rust’ is something worthy of criticism.
Chiming in for something unrelated. Fortran is actually pretty cool and if you need to do a lot of number crunching for scientific calculations starting a project in Fortran is not that bad. I started working on Fortran04 and back then I really couldn’t see any advantage of c++ if we’re talking computations. Now with Fortran23 we’re talking about quite a modern language.
I mean, if you’re considering Fortran for a project your only other likely choice is c++, and I tell you Fortran feels much smoother and easy to work with if you have to do calculations. I guess if you don’t worry about it being new you could consider Julia, but for many applications Fortran still has its well deserved spot.
But, maybe, just maybe, replacing one of the most important coreutils with an immature Rust product isn’t a good idea
Can someone explain to me why Rust enthusiasts are so evangelical about it? I get that it’s memory safe, OK - super great. But rewriting a stable, small-but-important legacy tool doesn’t seem like a good place to prove its worth. Surely there are a million better places? And yet when I heard about this, it totally seemed to track. I’ve never touched Rust but I already find its proponents to be strangely focused on it. I never felt such religious zeal with regard to a programming language.
Not sure. Some enthusiasm is understandable, but Go and Swift don’t draw out evangelists the way Rust does.
Firstly, Rust doesn’t need to “prove its worth.” It’s been in use in prod in other contexts for years.
Secondly,
sudois still actively getting a decent number of commits every month and has been riddled with bugs. For instance, just a few months ago there was a critical privilege escalation vuln. This rewrite is stripping out functionality that is deemed unnecessary.sudoisn’t a coreutil. It’s also got a number of replacements that do pretty much the same thing (doas,run0, etc.), so I wouldn’t even call it one of the most important.