New 'Looney Tunables' Linux bug gives root on major distros - eviltoast

From BeepingComputer.

  • AggressivelyPassive@feddit.de
    link
    fedilink
    arrow-up
    21
    arrow-down
    1
    ·
    1 year ago

    Question would be rather: why is something like C++ needed for such simple apps?

    C++ seems to be in that weird in-between place of offering high level features to be reasonable productive, but still doesn’t enforce/guarantee anything to make these features safe. I’d argue, very few programs need that. Either you’re writing business stuff, then you want safety (Java, C#, rust), or you’re writing embedded/low level stuff, then you want control (C, ASM).

    The room for “productive, but not interested in safety” is basically just AAA games, I guess.

    • intelati@programming.dev
      link
      fedilink
      arrow-up
      11
      arrow-down
      1
      ·
      1 year ago

      C is almost the old “steady” standard now it feels like. It’s so flexible and the frameworks are already built…

      • entropicdrift@lemmy.sdf.org
        link
        fedilink
        arrow-up
        15
        ·
        1 year ago

        …except that we also end up with cracks in our foundations like this exploit constantly being exposed as a result of all that C

    • teawrecks@sopuli.xyz
      link
      fedilink
      arrow-up
      7
      ·
      1 year ago

      Well you’re not going to write asm if you want your code to be portable at all, and believe it or not C++ has a lot of features to help you not shoot yourself in the foot that C doesn’t have (ex. OOP, RAII, smart pointers).

      C wasn’t really designed with dynamic memory management in mind. It was designed for someone who has absolute control over a machine and all the memory in it. malloc() and free() are just functions that some environments expose to user mode processes, but C was never designed to care where you got your memory or what you do with it.