←back to thread

Introducing tmux-rs

(richardscollin.github.io)
857 points Jtsummers | 3 comments | 03 Jul 25 15:03 UTC | HN request time: 0.66s | source
Show context
uecker ◴[03 Jul 25 15:55 UTC] No.44456333[source]
I like this post, one can learn a lot.

It seems automatically translating Rust to C is not a very good idea: "I threw away all of the C2Rust output and decided I would translate all of the files into Rust manually from C.". Neither seems doing it manually: "I introduced many bugs while translating the code. I’d like to share the process of discovering and fixing a couple." Or using AI: "That’s because when using cursor to translate the code it would still occasionally insert bugs, just like me. So, I spent as much time reviewing the generated code as it would have taken me to write it myself."

As a hobby project, all power to you. But otherwise, maybe better not rewrite working code....

replies(4): >>44456413 #>>44456755 #>>44459370 #>>44459965 #
antonvs ◴[03 Jul 25 16:32 UTC] No.44456755[source]
> But otherwise, maybe better not rewrite working code....

Except that the eventual result allows for extension and improvements in a memory-safe language.

replies(2): >>44456866 #>>44458838 #
hnlmorg ◴[03 Jul 25 20:20 UTC] No.44458838[source]
tmux doesn’t really gain anything from memory safety because:

1. anything running in tmux already has execution rights and typically for the same user as tmux anyway.

2. Anyone who wanted to exploit tmux could just run ‘tmux -C’ and automatically get access to literally every interaction within tmux.

3. The software itself is already damn stable. I've never had it crash.

If you’re worried about someone exploiting your terminal then tmux is a terrible option, irrespective of whether it’s with written in C or Rust. And I say this as someone who absolutely loves tmux and uses it every day.

[edit]

And if you're worried about non-security related bugs affecting UX, then a rewrite in any language, regardless of the language, is a worse solution if your application has already been battle-tested for close to two decades. You're much better off creating something entirely new instead of porting code from one language to another because at least then you have new ideas instead of the same application but with new bugs in different places.

I don't say this because of some bias that Rust fanboys will assume I have. I love memory safe languages and think Rust is a great option for new projects. The point I'm making here is that a rewrite doesn't gain much for tmux SPECIFICALLY because tmux is already extremely stable.

replies(3): >>44458910 #>>44459033 #>>44459561 #
remram ◴[03 Jul 25 22:06 UTC] No.44459561[source]
You forget that tmux is a terminal emulator. Trusted programs can have untrusted/attacker-controlled terminal output. If the program running inside tmux (e.g. cat, curl -s, weechat) can output malformed unicode or escape commands that trigger crashes or code execution, it is actually a huge problem.
replies(1): >>44461430 #
1. hnlmorg ◴[04 Jul 25 05:36 UTC] No.44461430[source]
> You forget that tmux is a terminal emulator.

No I don’t forget that.

> can output malformed unicode or escape commands that trigger crashes or code execution, it is actually a huge problem.

I agree.

And to go back to an earlier point, when was the last time you experienced tmux crash? Because I’ve been using it 15 years and yet to see that happen to me.

I get the need to protect against theoretical attacks, but what you’re advocating is throwing the baby out with the bathwater.

replies(1): >>44464517 #
2. remram ◴[04 Jul 25 13:46 UTC] No.44464517[source]
I don't use tmux.

CVE-2020-27347 is exactly the kind of memory safety bug exploitable by terminal output that I was talking about.

replies(1): >>44466135 #
3. hnlmorg ◴[04 Jul 25 17:02 UTC] No.44466135[source]
I’m not going to deny that memory safety bugs are completely avoidable in C. However if the best example in tmux you can find is a bug that was patched promptly 5 years ago. That that’s does also say something favourable about tmux as well.

As I said elsewhere, if memory safety is a major concern then there are Rust multiplexers too. But there’s plenty more lower hanging fruit to worry about before tmux.