Rust has troubles with STM because it lacks anything resembling effect system. Most probably, this will not be fixed.
Page 13 discuss why imperative approach like Rust's may fail in delivering transactional memory and why arbitrary-side-effect-free transactions in Haskell are, in fact, very composable due to effects separation inside STM and IO monads.
Instead of using this to do some proof of work, why not just get the bot detector to mine bitcoin or something...
I mean it is just as useless... And at least the website gets some money back from the raw extraction of data now happening...
Edit: speeeeeling
! Title: Hide Anubis Image
*/.within.website/x/cmd/anubis/static/img/*.webp$imageNow what is kinda interesting is that instead of getting rid of the "unsafe" block the developers put in some extra check. I guess you can take the developer out of C but you can't take the C out of the developer?
The patch devs said that they're interested in larger-scale changes to get rid of the need for `unsafe` in this kind of situation, but since that'll take time it's more important to just fix the bug for now.
[0]: https://lore.kernel.org/all/20251111-binder-fix-list-remove-...
pityJuke•1mo ago
uhfraid•1mo ago
jeroenhd•1mo ago
This "security vulnerability" is just a local DoS though. Annoying and problematic as it effectively bypasses controls over power on/off behaviour, but as far as I can tell from this report, no memory is leaked and no code execution can be achieved.
yourdetect•1mo ago
Greg Kroah-Hartman's comment is both wrong and perplexing.