whistlez <[email protected]> writes: > Hi, > I've heard about the development of a memory-safe C compiler that's > perfectly compatible with standard C and C++ programs. It's called Fil-C > and was developed by Filip Pizlo. > I'd like your opinion on this project and whether it could be useful in > an OpenBSD environment. It seems (though I don't have any definitive > information yet) that they're trying to compile a Debian distribution > with this compiler. I learned about this compiler because a very > talented Italian developer who has also worked on security in the past, > Salvatore Sanfilippo (founder of the Redis and hping projects and > inventor of idle-scan), spoke highly of it in a recent YouTube video. He > also went into the technical details of this compiler's memory > management.
AFAIK Fil-C relies on components of the LLVM project. Regardless of any merits of Fil-C, if it's unhostable on all supported OpenBSD hardware ports, it's unhelpful. >From the project: Fil-C only works on Linux/X86_64. Previous versions worked on Darwin/ARM64 and FreeBSD, but now I'm focusing just on Linux/X86_64 because it allows me to do a more faithful job of implementing libc. There's nothing fundamentally stopping Fil-C from working on ARM or OSes other than Linux. There's a lot of work to do beyond hyping up an open-source project on the interwebs by the looks of it. > I'm not asking whether this compiler will be ported, but just your > opinion on it. That is, whether it could actually improve the security > of many software without the need to switch to Rust. And whether it > could improve the security of OpenBSD. > Naturally, this compiler's collator effects degrade executable > performance, but that doesn't concern us. I don't see what the point of sharing opinions on a non-OpenBSD project get us, but here we are on misc@ I suppose! > > I fully realize this is a bit off-topic, but I think this could be a > topic of interest. If you find this email excessively off-topic, please > ignore it. > > Here are the links: > https://fil-c.org/ > https://github.com/pizlonator/fil-c > https://www.youtube.com/@pizlonator > > Thanks so much for your opinions.
