| ▲ | ianm218 18 hours ago |
| Well the biggest goal was to be useful. Nginx serves ~20% of the web, memory unsafe languages might just become untractable for critical exposed to the web infra if the rate of critical CVE's on these rises faster than they can be patched, so a drop in replacement would be a big deal in that world. But in terms of learning I'm learning relatively little about how to type Rust into an editor but a lot about how to set up agentic loops that can autonomously get tests to pass and improve performance. For example if you just tell a frontier model (gpt5.5 or Claude Code 4.8) to make some portion of the tests pass they will take forever and just bang their heads against it. I developed a framework to mimic a lot of these tests in nginx... but in minimum non blocking ways so you can run many in parallel with short feedback loops. Similar for performance - how to make tons of performance benchmark and expose maximum telemetry for agents to go and analyze the hotpaths etc. |
|
| ▲ | tredre3 17 hours ago | parent | next [-] |
| > Nginx serves ~20% of the web, memory unsafe languages might just become untractable for critical exposed to the web infra if the rate of critical CVE's on these rises faster than they can be patched That is true, however did you actually do any research into nginx? Is it particularly prone to memory bugs? I honestly don't know the answer but you seem to be coming from a place of C bad, therefore nginx super vulnerable? In my experience with other web servers the vast majority of security bugs are string handling related (path/header injection), which your rewrite will not protect you from. |
| |
| ▲ | ianm218 16 hours ago | parent [-] | | https://securityaffairs.com/192132/hacking/nginx-rift-an-18-... The project was inspired by that. Also unlike most other projects, nginx is directly exposed to the internet often times which makes it more vulnerable than i.e. Redis/ Valkey or something that would be running within a companies network generally. "C Bad" is a bit reductionist... but I think there is some truth to the take " Until you have the evidence, don’t bother with hypothetical notions that someone can write 10 million lines of C without ubiquitious memory-unsafety vulnerabilities – it’s just Flat Earth Theory for software engineers" [1] NSA and other government orgs are also pushing people to stop using C [2] for important software. [1]. https://alexgaynor.net/2020/may/27/science-on-memory-unsafet...
[2]. https://linuxsecurity.com/news/government/nsa-s-plea-stop-us... | | |
| ▲ | uecker 16 hours ago | parent [-] | | I think the risks of a rewrite - especially when using AI - are far more problematic than memory safety. In the long run those C projects will be memory safe in the next five years using memory safe C implementations. | | |
| ▲ | ianm218 16 hours ago | parent [-] | | My perspective is that it is good to have a beta in a lot of directions. No one really knows what the endgame of software security looks like. So some people should try the port to rust angle, some should focus on hardening the C, some should explore more exotic options like formally provable languages etc | | |
| ▲ | uecker 13 hours ago | parent | next [-] | | There is nothing wrong with trying different things. But the fundamental problem here is that projects and their communities are social projects and need to be to fulfill their purposes and to ensure long term maintenance. In a free software context, rewrites just like forks (1) are fundamentally an asocial (2) activity because they fragment the community (if successful) and then increase overall maintenance burden if not able to replace the original project completely (rarely the case). Disrespect the license choice of the original authors makes this worse. 1) There may be situation were are fork makes sense (e.g. because one project can not serve different use cases well):
2) Which is why usually a "higher goal" is used to justify this, e.g. authors pretend (or lie to themselves, or may be be stupid enough to actually believe this) that some improvement in memory safety is really that important. | |
| ▲ | kstenerud 13 hours ago | parent | prev [-] | | You won't get anywhere pressing your case here. This group has already found you guilty, and no argument will change their minds. You've been caricatured into a blind AI-follower rust-rewriter-just-because type, and that's the surface they'll continually attack (you're wasting time, hurting the community, v2-itis, bikeshedding, premature optimization, copyright violation, moustache-twirling-evil-intent-rug-pull-later, etc etc etc). Just continue in your work. It's good, and we need people like you. |
|
|
|
|
|
| ▲ | fvdessen 17 hours ago | parent | prev | next [-] |
| You mean you rewrote the nginx test suite with smaller leaner tests ? How did you bootstrap that ? How do you know the leaner tests are equivalent to the real ones ? |
| |
| ▲ | ianm218 16 hours ago | parent [-] | | Here is an example https://github.com/ianm199/nginx-rs-port/blob/main/crates/ng... Basically I use these "kits" to prove that the behavior is working as expected with mocked data/ interfaces and then only after these kits pass I'll run the real test suite files as confirmation. So these let you iterate a lot faster than the official test suite because it is very slow. These are bootstrapped from the real tests. The other commenter was being a bit dismissive but this is the kind of thing I'm taking away as a real useful pattern to do verification of behavior at scale. |
|
|
| ▲ | jabwd 18 hours ago | parent | prev [-] |
| Buddy, I think it is time to not engage with these models for a bit, you seem to have lost your mind. |
| |
| ▲ | ianm218 18 hours ago | parent [-] | | We're literally in a thread on converting legacy C projects to idiomatic Rust? It seems many people are working on this same problem. | | |
| ▲ | jabwd 17 hours ago | parent | next [-] | | There are plenty of Rust based reverse proxies out there, why do you need to specifically rewrite nginx? You could also write a config adapter to Caddy, there are a billion options, but this is a wasted effort. The people who want to stick to their nginx configs won't use your project ever, and the people who actually care about security aren't going to use a vibe coded project. I have no idea why you are making me spell this out, I thought it was pretty obvious. | |
| ▲ | feelamee 16 hours ago | parent | prev [-] | | nit: well-written C projects to legacy Rust |
|
|
