Bugs Rust Won't Catch
Summary
The article analyzes Canonical's disclosure of 44 CVEs in the Rust coreutils rewrite, highlighting that standard Rust safety nets did not catch these issues. It emphasizes TOCTOU path bugs, the need to anchor operations to file descriptors, and provides practical patterns and checks to reduce similar vulnerabilities in Rust tools.