top | item 47110843


sanskritical | 7 days ago

Someone already mentioned the hoarderware issue, which is big for me, so I'll give my other concern.

Years ago on Twitter I believe it was lcamtuf who asked "Would you pipe a text file into less?" and Dan Kaminsky (RIP) replied -- "Not now that you asked if I would, no." The obvious implication is that people largely didn't think of simple text parsing utilities as places of concern for security issues, but that is not really in line with reality. I work with crypto, and it seriously matters if I get owned, in that I could lose amounts of money entrusted to me that I could never hope to recover or repay. I believe it is a basic fiduciary duty to use as much code as possible written in safer languages. Sublime Text is a massive C++ app and I can't look at the code. I am going to preferentially treat the Rust app as better. There are plenty of CVEs in editors. If I could, I would replace every binary written in an unsafe language on every machine I ever use.

My editor touches every bit of infrastructure I have. I use it every day to change the behavior of production machines. I have no choice but to treat my editor as trusted. So it needs to be trustworthy to the maximum degree possible.


kurouna | 7 days ago

I truly appreciate your perspective. It’s a very sobering reminder of the responsibility that comes with building a tool that handles code and data.

To be honest, this project is currently in a phase of personal hobby, self-improvement, and self-satisfaction. I must admit that it is not yet ready for mission-critical work.

While I certainly haven't included any malicious code, there are real risks: the app could crash and lose data, or underlying libraries might have vulnerabilities that I haven't had the capacity to fully audit yet. As I’m still experimenting with the architecture alone, I’m not ready to open the source code just yet.

However, your feedback makes me realize how important the "trustworthiness" is for a professional tool. If there is a clear demand for this kind of software and many requests for it to be open-sourced, I would definitely love to consider it as the project matures.

Thank you for sharing such a serious and important viewpoint.