1. I find the assumption that Rust code is safe a bit overly optimistic. If you're writing network-facing code, security is always an issue to some extent, even if mitigated by language guard-rails.
2. The actix framework author supposedly did the following things at once:
2.1 Wrote code somewhat carelessly
2.2 Wrote and maintained his code alone
2.3 Claimed his code was "safe" - in that mythical complete sense I mentioned above
this combination is a recipe for disaster, and he was warned (albeit in a possibly-non-friendly-way). Thus, while the public outroar is probably excessive - security bugs do happen - he is to some extent getting what's coming to him.
Caveat: I'm a C++ person and am not familiar with the Rust ecosystem.
2. The actix framework author supposedly did the following things at once:
this combination is a recipe for disaster, and he was warned (albeit in a possibly-non-friendly-way). Thus, while the public outroar is probably excessive - security bugs do happen - he is to some extent getting what's coming to him.Caveat: I'm a C++ person and am not familiar with the Rust ecosystem.