by d3nj4l 490 days ago
That's not the same thing. You can call a shell command from any language. The log4j problem was that you could load arbitrary classes from the internet into the memory of the current process, which is a much more severe problem.
2 comments

I am aware, but I wanted to illustrate the higher level idea of architecture issue vs memory issue.

To keep it concise, I had to take some liberties.

If you have more time than me, please feel free to reproduce Log4J more accurately in Rust.

If you can run a shell command, it can do basically anything you want.
Sure, in a general purpose language, like Java, or Rust, or C++, you can indeed do "basically anything you want"; that's why it's called general purpose. Your purpose might be to run arbitrary code you found on the Internet, so that's a thing you can do. If you can't, it's not general purpose.

In a number of applications this means you do not actually want a general purpose language, which is why WUFFS makes sense.

But, even when you don't have that constraint, it's reasonable to ask: How easy was it to make a thing you didn't intend, by accident?