My comment is sarcastic, obviously. The argument Kairos gave is similar to this. You can still introduce vulnerabilities. The issue is normally that you introduce them accidentally. Rust gives you safety, but does not put your code into a sandbox. It looked to me like they weren’t aware of this difference.

You don’t even need unsafe, you can just take user input and execute it in a shell and rust will let you do it. Totally insecure!

He’s so polite!

When you write code for a “runtime” that wasn’t intended to run your code.

That definition would be too broad, as includes any type of exploit.

In ROP, you modify the stack to write return addresses and then return to jump to the first of these addresses, the return addresses go to parts of the executable that end with a return instruction (gadgets), so it will always return to the next of your return address.

(That video is maybe not the easiest introduction to ROP.)

Having ROP in here as normal programming paradigm, as opposed to vibe coding, made the meme so much better.