baru ,

This isn't Rust specific. It's really difficult to securely start a command in Windows. I highly recommend to read https://flatt.tech/research/posts/batbadbut-you-cant-securely-execute-commands-on-windows/.

sepulcher ,

I'm honestly surprised windows can even exist at this point.

It's mind-boggling to me that people would dedicate their lives to learning that system when it's such a shoddy piece of crap.

It's amazing what a motivator money can be.

5C5C5C ,

Funny how the headline makes it sound like a Rust specific problem, as if the Rust language is unsafe or the core team was incompetent, but then other affected language standard libraries include

  • Erlang (documentation update)
  • Go (documentation update)
  • Haskell (patch available)
  • Java (won’t fix)
  • Node.js (patch will be available)
  • PHP (patch will be available)
  • Python (documentation update)
  • Ruby (documentation update)

So actually this is a vulnerability that originates in Windows, and Rust and Haskell are the only languages that are actually protecting users from it as of right now, with Node.js and PHP to follow.

  • All
  • Subscribed
  • Moderated
  • Favorites
  • [email protected]
  • kbinchat
  • All magazines
    •