Hacker Read

ctz · 2016-12-23 17:16:19+00:00

I don't really understand why this doesn't cover memory safety.

uecker | karma 417 | avg karma 1.01 · | 2023-02-20 04:01:13

Isn't this confusing memory safety with safety?

qayxc | karma 3685 | avg karma 2.51 · | 2021-06-24 21:10:57

I'm not sure you understand what "memory safety" means.

dbaupp | karma 10204 | avg karma 4.33 · | 2019-02-13 16:32:50

I see no mention of memory safety or unsafety in the issue you linked. Could you be more specific?

hot_gril | karma 4539 | avg karma 1.17 · | 2024-06-25 00:14:38

That's not what memory safety refers to.

bamboozled | karma 7012 | avg karma 1.83 · | 2020-10-12 02:56:41

Memory safety?

gok | karma 12320 | avg karma 6.11 · | 2020-12-02 06:29:44

OTOH, we don't really have evidence to show that memory safety is effective in kernels/drivers because no memory safe language has ever been deployed at scale for that purpose.

tree_of_item | karma 2524 | avg karma 2.9 · | 2017-08-25 13:33:16+00:00

This is incorrect. What you're referring to is "memory safety".

nynx | karma 2474 | avg karma 3.75 · | 2021-11-15 18:37:55

its “memory safety”, not “accesses memory”

a1369209993 | karma 3438 | avg karma 1.19 · | 2020-08-15 18:11:29+00:00

> without any memory safety

Actually, I think that would be memory protection, not safety.

reply

snotrockets | karma 1466 | avg karma 1.97 · | 2022-12-07 12:24:53

It still lacks memory safety.

marginalia_nu | karma 21123 | avg karma 4.08 · | 2021-12-27 03:10:01

The point is that not every security problem stems from the memory model, and myopically focusing on memory safety evidently doesn't stop do much to prevent vulnerabilities.

azakai | karma 7684 | avg karma 3.12 · | 2021-09-22 15:18:06

Oh right, good point. Other types of memory safety are more relevant here then.

msla | karma 4817 | avg karma 1.28 · | 2020-03-13 11:23:31

It has everything to do with memory safety.

oconnor663 | karma 6967 | avg karma 4.71 · | 2020-09-15 16:42:37+00:00

One catch is that it's not currently memory safe, and it's unclear (to me) what the future plan is for memory safety.

nmilo | karma 952 | avg karma 6.06 · | 2023-09-21 15:00:44

So then memory safety isn't the end-all be-all for security anyways. What do you suggest we use instead?

jvanderbot | karma 13042 | avg karma 3.94 · | 2024-01-03 06:34:42

This is getting a bit defensive. I think people are interpreting your post as saying all safety is guaranteed by using memory safety, but you rightly walk it back in comments to mean it addresses "primary" security problems.

That's it.

reply

pohl | karma 9288 | avg karma 3.55 · | 2023-03-04 10:29:43

Interesting, I hadn’t realized how much the phrase “memory safety” understates what is desirable.

saagarjha | karma 56017 | avg karma 2.29 · | 2019-11-27 16:08:51+00:00

Those don’t really catch memory safety issues in the general case; they’re more focused on exploit mitigation.

rurban | karma 5612 | avg karma 0.84 · | 2022-11-15 23:56:03

So memory safety is a cons point now?