this post was submitted on 12 Nov 2025
441 points (95.3% liked)
linuxmemes
30081 readers
962 users here now
Hint: :q!
Sister communities:
Community rules (click to expand)
1. Follow the site-wide rules
- Instance-wide TOS: https://legal.lemmy.world/tos/
- Lemmy code of conduct: https://join-lemmy.org/docs/code_of_conduct.html
2. Be civil
- Understand the difference between a joke and an insult.
- Do not harrass or attack users for any reason. This includes using blanket terms, like "every user of thing".
- Don't get baited into back-and-forth insults. We are not animals.
- Leave remarks of "peasantry" to the PCMR community. If you dislike an OS/service/application, attack the thing you dislike, not the individuals who use it. Some people may not have a choice.
- Bigotry will not be tolerated.
3. Post Linux-related content
- Including Unix and BSD.
- Non-Linux content is acceptable as long as it makes a reference to Linux. For example, the poorly made mockery of
sudoin Windows. - No porn, no politics, no trolling or ragebaiting.
- Don't come looking for advice, this is not the right community.
4. No recent reposts
- Everybody uses Arch btw, can't quit Vim, <loves/tolerates/hates> systemd, and wants to interject for a moment. You can stop now.
5. π¬π§ Language/ΡΠ·ΡΠΊ/Sprache
- This is primarily an English-speaking community. π¬π§π¦πΊπΊπΈ
- Comments written in other languages are allowed.
- The substance of a post should be comprehensible for people who only speak English.
- Titles and post bodies written in other languages will be allowed, but only as long as the above rule is observed.
6. (NEW!) Regarding public figures
We all have our opinions, and certain public figures can be divisive. Keep in mind that this is a community for memes and light-hearted fun, not for airing grievances or leveling accusations. - Keep discussions polite and free of disparagement.
- We are never in possession of all of the facts. Defamatory comments will not be tolerated.
- Discussions that get too heated will be locked and offending comments removed. Β
Please report posts and comments that break these rules!
Important: never execute code or follow advice that you don't understand or can't verify, especially here. The word of the day is credibility. This is a meme community -- even the most helpful comments might just be shitposts that can damage your system. Be aware, be smart, don't remove France.
founded 2 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
Mozilla, where Rust was originally conceived, have already talked about this risk factor ages ago when they were still working on Servo. Reimplementing battle-tested software in a different language can result in logic bugs being introduced, which no programming language can really prevent. Many times they will actually reintroduce bugs that have already been historically fixed in the original implementation. This doesn't invalidate the benefits of moving to a very memory safe language, it just needs to be taken into consideration when determining whether it's worth the risk or the effort.
Honestly I have no idea whether sudo-rs is a good idea or not, but I have my doubts that any of the other people (especially the very vocal kind) chiming in on this do. Any time Rust is involved in the Linux community, a lot of vocal critics with very little knowledge of the language or programming in general seem to appear.
This is why its generally better to only write new code in more memory safe langs instead of rewriting everything
The counterpoint is that, especially with FOSS that does not receive much (if any) corporate backing, developer retention and interest is an important factor.
If I'm donating some of my free time to a FOSS project I'd rather not slug through awful build systems, arcane mailing lists, and memory unsafe languages which may or may not use halfway decent - often homebrew - manual memory management patterns. If the project is written in Rust, it's a pretty clear indicator that the code will be easily readable, compilable, and safer to modify.
But why the rust? there are quite a large variety of languages with memory protection (for example Java), and freely compiled (for example golang), but for some reason they persistently try to rewrite the whole "world" into rust. I'm not against rust, I'm really curious.
For systems programming it makes the most sense out of the languages you mentioned. Languages requiring a runtime (Java/Python) do not fill the bill for system tools IMO. Golang is more arguable, but its memory safety comes through GC which many systems programmers aren't fans of for a variety of technical and personal reasons.
Rust is meant to be what C++ would be if it were designed today by opiniated system developers and didn't have to be backwards-compatible.
Those are the technical arguments I would use in a corporate setting.
All that aside, there's personal preference, and my point is that for FOSS projects that matters too. Rust is fun in a brain-teasy kind of way in the same way that writing C is fun, but without nearly as many footguns. Golang is practical but arguably not as fun. That's the same logic that draws many programmers to write Haskell projects.
The story of the Fish shell illustrates it quite well; the project gained a lot of development attention and contributions when they decided to rewrite from C++ to Rust, where they achieved a stable release with feature-parity a few months ago. It would have been a remarkably dumb decision for a private company to make, but makes perfect sense when you are trying to attract free talent.
Both java and go seem excessively complex at runtime for fundamental system utilities, featuring garbage collection. Rust, on the other hand, keeps the complexity in the compiler and source, keeping the runtime code simpler. And of course it's doing that while trying to make it easier to manage memory and harder to make mistakes, without forcing extra runtime logic on you.
Many things do use go, the issue with Java lies in its massive runtime burden (also not a great language IMO)
Java isn't an exciting language, sure.
Kotlin is, though.
Agreed, Kotlin's a lot nicer.
I do think there are long-term benefits in many cases, it just depends on available resources. There are plenty of projects that desperately need a rewrite for maintenance reasons alone so you might as well examine if language switch is worth it. It's not like there aren't a lot of success stories, even if there's projects like sudo-rs where we're, at best, not sure if there's tangible benefits.
I swear to god sometime last week in a conversation about Rust here, there was one commenter whose entire point was "OK admittedly i don't code and don't know much about programming but i got this feeling that memory safety isn't all what' it's cracked up to be". A confederacy of dunces indeed...
It's a generally applicable lesson in why it's NOT a good idea to change things for the sake of it though (chesterton's fence, but where most of the actual bits of fence are invisible).
I think a key difference is that firefox is a eternally evolving codebase that has to do new stuff frequently. It may have been painful but it's worth it to bite the bullet for the sake of the large volume of ongoing changes.
For sudo/coreutils, I feel like those projects are more 'settled' and unlikely to need a lot of ongoing work, so the risk/benefit analysis cuts a different way.
Contrary to popular belief, it is possible to write software in C that is very secure. It takes thought but C has the edge with its small footprint and system integration
Contrary to popular belief, it is possible to write software in assembly that is very readable. It takes thought but assembly has the edge with its miniscule footprint and zero-dependency runtime.
I wouldn't go that far
The problem with assembly is that it is almost impossible to optimize it as a human. Way back in the day instruction sets were written for humans but these days it is highly unlikely that you will be able to write assembly that can outperform a compiler. The reason primary has to do with pipelining and caching since modern CPUs are extremely complex.
That's btw. also a good argument for Rust. Due to the strictness of the language the compiler os able to do optimizations that just aren't possible (safely) in C or C++
https://esolangs.org/wiki/Brainfuck
Yea I mean it's possible, but the sooner you bite the bullet and use a more modern language, the sooner you'll get back to the same level of maturity and start having productivity dividends being paid out thanks to things like being able to get your compiler to prevent use after free bugs and the like.
Not sure how much sudo specifically needs this, maybe new commits are rare. As long as it stays out of LTS for the time being I'm all for it though.
Also not quite sure what you mean by "footprint"
Are you talking about the binary size or the fact that C has a tiny and straightforward language spec?
At this point I think the "thoughtful" C programmer is a myth and I don't mean this as an insult. Even the most careful and experienced C gurus still make mistakes that would be much harder to make, if not categorically prevented in something like Rust. A lot of very secure C software is small in footprint, has had stable requirements for years, experienced thousands of hours of real world testing by users and the scrutiny of security experts. What I'm saying is: it should be easier to write secure software, especially with complex requirements or large attack surfaces.
I disagree that C has a notably smaller footprint than Rust for most purposes and system integration is in some cases harder in Rust precisely because of the notorious upfront implementation cost that prevents a lot of potential bugs.