Comment by streetfighter64

16 days ago

> That means, even if the tools were (and probably still are) buggy, they never had a bug that could be exploited to read arbitrary memory.

Well, that begs the question, is it worse to read arbitrary memory (which would probably in most cases be prevented by various dynamic protections [0] anyway), or failing to prevent rm -rf /./ and killing every process in the system, etc.?

This is still a good case study of the value of the much-touted Rust rewrites. Usually they are performed by people who are domain experts in Rust, but (as seen here) lack basic domain knowledge of the tool's environment.

[0] https://en.wikipedia.org/wiki/Buffer_overflow_protection