Comment by hawk_

1 day ago

Yes but why do it in C++? There is no compiler enforced safe mode and you're by definition implementing an engine to run hostile code in it.

6 comments

hawk_

monax 1 day ago

> There is no compiler enforced safe mode

It's still early days, but Clang can check some lifetimes, using the [[clang::lifetimebound]] attribute [1]. You can also restrict unsafe pointer usage [2] outside designated blocks of code—somewhat like Rust’s unsafe keyword.

[1] https://clang.llvm.org/docs/AttributeReference.html#id8 [2] https://clang.llvm.org/docs/SafeBuffers.html#buffer-operatio...

npalli 1 day ago

Since 2012, all future browsers will be written in Rust and looks like it will always be that case. Perhaps, programming a browser in Rust is a painful activity that nobody seems to have managed to complete (writing parts of it since the Servo days). Talking about safety though, nonstop, yeah no shortage of that.

umanwizard 1 day ago

FWIW nobody has written a new complete browser engine in any language since then, not just Rust.

userbinator 1 day ago

I personally have had enough of the "security" bullshit after seeing what it's done to "secure" control over the population and put that in the hands of the enemy.

saagarjha 15 hours ago
I thought you were happy that your man was finally fixing things this year.
- userbinator 12 hours ago
  
  You of all people should know better than to bring that crap here, but guess how the Rust crowd leans politically.