| Even when you use array indices, I don't think you give those protections up. Maybe a few, sure, but the situation is still overall improved. Many of the rules references have to live by, are also applied to arrays: - You cannot have two owners simultaneously hold a mutable reference to a region of the array (unless they are not overlapping) - The array itself keeps the Sync/Send traits, providing thread safety - The compiler cannot do provenance-based optimizations, and thus cannot introduce undefined behavior; most other kinds of undefined behavior are still prevented - Null dereferences still do not exist and other classes of errors related to pointers still do not exist Logic errors and security issues will still exist of course, but Rust never claimed guarantees against them; only guarantees against undefined behavior. I'm not going to argue against managed code. If you can afford a GC, you should absolutely use it. But, compared to C++, if you have to make that choice, safety-wise Rust is overall an improvement. |