>why bother driving a car that has seatbelts The implication openssh has no seat... | Hacker News

Hacker Newsnew | past | comments | ask | show | jobs | submit

		snvzz on Feb 8, 2023 \| parent \| context \| favorite \| on: OpenSSH Pre-Auth Double Free – Writeup and Proof-o... >why bother driving a car that has seatbelts The implication openssh has no seatbelts is very wrong. OpenSSH's internal architecture was engineered for robustness, and has privilege separation and sandboxing.

HideousKojima on Feb 9, 2023 [–]

And yet TFA is about yet another vulnerability caused by something that Rust is immune to.

0xbadcafebee on Feb 9, 2023 | [–]

Yet the total number of vulnerabilities is smaller than other Rust-implemented programs, because security fundamentally comes down to the engineer, not how many seatbelts there are.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact