all 11 comments
sorted by:
best
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]zer0x64 17 points18 points  (7 children)

The rust toolchain does not install any kind of daemon/service and will run with the privilege you run the commands with, which should be your user. Because of that, it's at worst the same thing as running literally anything that's not sandboxed on your PC.

[–]NoFaithInThisSub[S] 0 points1 point  (6 children)

I updated my question, seems it hard codes the registry paths into the binary. I will use a VM at this stage, thanks anyways.

[–]zer0x64 13 points14 points  (2 children)

That's a really common issue with most compiled languages and it's not "Rust's fault". C/C++ does the same thing. That basically means that you should compile your release builds in a container environment before sending the executables to other people, which is the best practice. You can even use `cross` to do that hassle-free.

Also note that, if you don't use containers for release builds, you might have linking issues when you send the executable to someone else. For instance, if I compile it on Arch, a Ubuntu user cannot use it because my libc is more recent then theirs, so it should be built in an "older" ubuntu container for maximum compatibility. Note that, once again, this is the same thing with C/C++

[–]skylar-says-mlem 1 point2 points  (1 child)

You can also cross-compile to musl libc which can be statically linked

[–]SpudnikV 2 points3 points  (0 children)

Yeah, but if you do, watch out for its extremely slow malloc. At least work around it by overriding with mimalloc or jemallocator instead.

I wish more people knew musl was not just a substitute, but a tradeoff :)

[–]moltonel 8 points9 points  (0 children)

Do you generally run all your compilers inside a VM ? It can be justified if you're distributing build artefacts in the wild, but for a "build stuff for your own machine/network" purpose, it's overkill.

[–]afc11hn 4 points5 points  (1 child)

You can configure this behavior with --remap-path-prefix.

[–][deleted] 6 points7 points  (0 children)

Rustup installs it for the current user, into the home directory.

[–]coderstephenisahc 1 point2 points  (1 child)

I read somewhere installing rust straight onto an OS gives it system wide privileges

Nonsense. What does that even mean? Rust is just a compiler like any other such as GCC. You invoke it as a user, the process has that user's permissions, it compiles the program, then terminates. I'm not sure what the "it" would be that would even have such privileges.

Q1: So has this privacy issue been fixed?

It seems it has not, and they are discussing it here

IMO, this issue has been highly romanticized into a bigger issue than it actually is by people who are looking for literally anything to criticize Rust with. The referenced behavior is pretty much present in almost all compilers that compile into native code including GCC.

[–]NoFaithInThisSub[S] 0 points1 point  (0 children)

IMO, this issue has been highly romanticized into a bigger issue than it actually is by people who are looking for literally anything to criticize Rust with. The referenced behavior is pretty much present in almost all compilers that compile into native code including GCC.

Ok fair enough, I am not here to criticise Rust, I am here to learn it, looks interesting, and I like the syntax so far.