| ▲ | zozbot234 4 days ago | ||||||||||||||||
> misleading terminology and framing that suggests these are security issues Could you quote where exactly OP has misleadingly "suggested" that these concerns lead to security issues in the typical case? > attacker control of the data, and attacker ability to place controlled data somewhere advantageous to the attacker Under this definition the Rowhammer problem with hardware DRAM does not qualify as a genuine security concern since it inherently relies on fiddly non-determinism that cannot possibly be "controlled" by any attacker. (The problem with possible torn writes in concurrent Go code is quite similar in spirit; it's understood that an actually observed torn write might only occur rarely.) Needless to say there is a fairly strong case for addressing these problems anyway, as a matter of defence in depth. > correctness advantages of Rust Memory safety in OP's sense is not exclusive to Rust. Swift has it. Even Java/C# cannot access arbitrary memory as a result of torn writes. It would be more accurate to say that OP has identified a correctness issue that's apparently exclusive to Go. | |||||||||||||||||
| ▲ | tptacek 4 days ago | parent [-] | ||||||||||||||||
I quoted directly from the article. | |||||||||||||||||
| |||||||||||||||||