[Info-vax] Rust as a HS language, was: Re: Quiet?

[chris]

On 04/06/22 22:04, Dan Cross wrote:
> In article<t2klgp$dm4$1 at dont-email.me>,
> Simon Clubley<clubley at remove_me.eisner.decus.org-Earth.UFP>  wrote:
>> On 2022-04-06, Dan Cross<cross at spitfire.i.gajendra.net>  wrote:
>>> In article<624d95fe$0$706$14726298 at news.sunsite.dk>,
>>> Arne Vajhøj<arne at vajhoej.dk>  wrote:
>>>> On 4/5/2022 2:05 PM, Simon Clubley wrote:
>>>>> It looks like Rust has come up with rather unique ways to screw up:
>>>>
>>>> I think you have a mysterious understanding of what is unique in
>>>> programming.
>>>>
>>>> (and this is not Rust as such but libraries written in Rust)
>>>
>>> Indeed.  I read that quip as a statement along the lines of,
>>> "tell me you don't know Rust without telling me that you don't
>>> know Rust."
>>
>> Actually, both of you have missed the point.
>
> I'm afraid your point is based on either confusion or lack of
> familiarity.
>
>> My point is that this all-new all-singing programming language that
>> will save us all (according to its creators) is released with all
>> these new and unique features that make Rust better than anything
>> else out there for security (also according to its creators).
>
> I invite you to provide a citation to one of the Rust creators
> making such a claim.
>
> Again, these people aren't fools: they understand that no one
> language is the One True Solution to All Problems.  The people
> who designed and implemented Rust are actually qualified PL
> people.  You seemed to have glombed onto the fan boys pitching
> hype and somehow think that's representative of the folks
> actually doing the work: it is not.
>
>> People then start using this language to create libraries and manage
>> to still write code that compromises these new safety features, hence
>> making the library unsafe, but unsafe in a way that is unique to Rust
>> because it manages to violate the guarantees that the language says
>> it gives you.
>>
>> And before you say it, I know Rust is not unique in this and that is
>> exactly the point. Just as you have to do when writing code in other
>> programming languages, you still have to know what you are doing when
>> writing Rust code or you can still write code that has security issues
>> within it.
>
> No one serious ever claimed otherwise.
>
>> And my attitude-free serious point is this: Rust brings some new ideas
>> to the table and they are ideas that are worth exploring. But at the
>> end of the day, it's just another tool with some more features built in
>> that can help you write more secure code and make it harder for you
>> to screw up.
>
> Perhaps if you eliminated the hyperbole elsewhere and just lead
> with this, you'd find that it gets a better reception.
>
>> Unfortunately, listening to people pushing the general Rust hype, they
>> would have you believe that Rust is some super-language that will instantly
>> solve all your security problems, even in code written by novices, if you
>> just start writing code in it and manage to get your code to compile.
>
> No one serious has ever claimed that.
>
>> That's not true and it's not true for any language that we have created.
>> It's just that there are some languages out there that make it a _lot_
>> harder to screw up in than in other languages and for which you can write
>> much safer (NOTE: much safer, _not_ safe) code more easily.
>>
>> But you can still screw up even in those languages if you try hard enough
>> and if you don't really know what you are doing and that applies to all
>> languages we have ever created including both Ada and Rust.
>
> Again, no one credible ever claimed otherwise.
>
> 	- Dan C.
>

I don't like anything that claims or predisposes to protect me from
my own stupidity.  Prefer the freedom to make my own mistakes and
learn from them. Not more nanny state, however fashionable it
may be...

Chris