CISPA
Browse

"I wouldn't want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust.

Download (416.49 kB)
conference contribution
posted on 2024-03-19, 10:52 authored by Sandra Höltervennhoff, Philip KlostermeyerPhilip Klostermeyer, Noah Wöhler, Yasemin Acar, Sascha FahlSascha Fahl
Modern software development still struggles with memory safety issues as a significant source of security bugs. The Rust programming language addresses memory safety and provides further security features. However, Rust offers developers the ability to opt out of some of these guarantees using unsafe Rust. Previous work found that the source of many security vulnerabilities is unsafe Rust. In this paper, we are the first to see behind the curtain and investigate developers' motivations for, experiences with, and risk assessment of using unsafe Rust in depth. Therefore, we conducted 26 semi-structured interviews with experienced Rust developers. We find that developers aim to use unsafe Rust sparingly and with caution. However, we also identify common misconceptions and tooling fatigue that can lead to security issues, find that security policies for using unsafe Rust are widely missing and that participants underestimate the security risks of using unsafe Rust. We conclude our work by discussing the findings and recommendations for making the future use of unsafe Rust more secure.

History

Primary Research Area

  • Empirical and Behavioral Security

Name of Conference

Usenix Security Symposium (USENIX-Security)

Journal

USENIX Security Symposium

Page Range

2509-2525

BibTeX

@conference{Höltervennhoff:Klostermeyer:Wöhler:Acar:Fahl:2023, title = {"I wouldn't want my unsafe code to run my pacemaker": An Interview Study on the Use, Comprehension, and Perceived Risks of Unsafe Rust.}, author = "Höltervennhoff, Sandra" AND "Klostermeyer, Philip" AND "Wöhler, Noah" AND "Acar, Yasemin" AND "Fahl, Sascha", year = 2023, month = 8, journal = "USENIX Security Symposium", pages = "2509--2525" }

Usage metrics

    Categories

    No categories selected

    Licence

    Exports

    RefWorks
    BibTeX
    Ref. manager
    Endnote
    DataCite
    NLM
    DC