
364 points Klasiaster | 2 comments
prmoustache No.41857207
> docker run -it --privileged --network=host --device=/dev/kvm -v $(pwd)/asterinas:/root/asterinas asterinas/asterinas:0.9.3

Is that the new generation of curl | bashism in action?

replies(3): >>41857251 >>41858101 >>41859535
1. oefrha No.41858101
Hardly different from downloading random binary installers and executing them. Or random source distributions and (sudo) make install. Or npm/pip/cargo/etc. install random packages. Before anyone mentions distros and package managers, as a former team member of a major package manager I can assure you we don’t vet shit beyond project notability, and new versions are accepted semi-automatically. We’ll yank something after the fact if you report a malicious update, sure.

curl | bash has an actual problem: potential execution of an incomplete script (which can be mitigated with function calling). And there’s the mostly theoretical problem of the server being pwned / sending malicious code just to you (which of course also applies to any other unsigned channel). Arbitrary code execution is never a problem unique to it, but people dunk on it all the time because they saw another person dunking on it in the past.

replies(1): >>41859808
2. hnfong No.41859808
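An added example, not part of the thread, of the one concrete curl | sh hazard oefrha names (a download that stops mid-script) and of the function-wrapper mitigation. The installer text, the fake install under $ROOT/app and the cut point are all constructed for the demo; the "naive" and "wrapped" scripts are hypothetical, not any real project's installer.

```shell
#!/bin/sh
# Added example: the "partial script" hazard of curl | sh and the wrap-in-a-
# function mitigation. The installer text, the $ROOT/app layout and the cut
# point are all constructed for this demo; they are not from any real project.

# Emit an upgrade script for an app living under "$ROOT/app". In "wrapped"
# mode the body sits inside main(), which is only called on the final line,
# so a download that stops early leaves the shell with an unfinished function
# definition (a syntax error) instead of a runnable prefix.
installer_script() {
  [ "$1" = wrapped ] && printf 'main() {\n'
  cat <<'EOF'
echo new > "$ROOT/app/version"
rm -rf "$ROOT"/app/cache
mkdir -p "$ROOT/app/cache"
EOF
  [ "$1" = wrapped ] && printf '}\nmain "$@"\n'
  return 0
}

# Byte offset at which a dropped connection would hand sh the text
# 'rm -rf "$ROOT"/app' with the '/cache' suffix never delivered.
cut_offset() {
  installer_script "$1" | awk -v needle='rm -rf "$ROOT"/app' '
    { i = index($0, needle)
      if (i) { print total + i - 1 + length(needle); exit }
      total += length($0) + 1 }'
}

# Feed the script to sh through a pipe against a fresh fake install, either
# whole or cut at cut_offset (simulating the connection dying mid-line), and
# report "<data status>,<version>", e.g. "kept,new" or "lost,none".
#   $1 = naive | wrapped      $2 = full | truncated
run_installer() {
  ROOT=$(mktemp -d); export ROOT
  mkdir -p "$ROOT/app/cache"
  echo precious > "$ROOT/app/data"
  if [ "$2" = truncated ]; then
    # head -c is not in POSIX but is in GNU, BSD and busybox coreutils
    installer_script "$1" | head -c "$(cut_offset "$1")" | sh 2>/dev/null || :
  else
    installer_script "$1" | sh 2>/dev/null || :
  fi
  if [ -f "$ROOT/app/data" ]; then status=kept; else status=lost; fi
  version=$(cat "$ROOT/app/version" 2>/dev/null || echo none)
  rm -rf "$ROOT"
  echo "$status,$version"
}

for mode in naive wrapped; do
  for delivery in full truncated; do
    printf '%-8s %-10s -> %s\n' "$mode" "$delivery" "$(run_installer "$mode" "$delivery")"
  done
done
```

The naive script, cut after `rm -rf "$ROOT"/app`, deletes the whole install because the shell executes each complete line as it arrives and treats end-of-input as the end of the last command. The wrapped script, cut at the same byte, is an unterminated function definition, so sh exits with a syntax error and runs nothing. The `rm` line deliberately quotes only the expansion: a cut that lands inside a double-quoted string is itself a syntax error, which is why this bug is intermittent and easy to miss in testing. The wrapper addresses truncation only; it does nothing about the server sending different content to different clients, which is the separate concern the comment mentions.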
> as a former team member of a major package manager I can assure you we don’t vet shit beyond project notability, and new versions are accepted semi-automatically

An example that illustrates this: https://lwn.net/Articles/22991/

(And wow, it's been 22 years already...?)