|
|
Пишет LWN.net (![[info]](http://lj.rossia.org/img/syndicated.gif){kind=small} syn_lwnheadline)@ 2021-05-04 20:45:00 |
 |
|
 |
|
|
|
|
|
|
 |
|
 |
[$] Rustls: memory safety for TLS
The movement toward using memory-safe
languages, and Rust in particular,
has picked up a lot of steam over the past year or two. Removing the
possibility of buffer overflows, use-after-free bugs, and other woes associated
with unmanaged pointers is an attractive feature, especially given that
the majority of today's vulnerabilities stem from memory-safety
issues. On April 20, the Internet Security Research
Group (ISRG) announced
a funding initiative targeting the Rustls TLS library in order to
prepare it for more widespread adoption—including by ISRG's Let's Encrypt project.
The movement toward using memory-safe
languages, and Rust in particular,
has picked up a lot of steam over the past year or two. Removing the
possibility of buffer overflows, use-after-free bugs, and other woes associated
with unmanaged pointers is an attractive feature, especially given that
the majority of today's vulnerabilities stem from memory-safety
issues. On April 20, the Internet Security Research
Group (ISRG) announced
a funding initiative targeting the Rustls TLS library in order to
prepare it for more widespread adoption—including by ISRG's Let's Encrypt project.
