- cross-posted to:
- [email protected]
- [email protected]
- cross-posted to:
- [email protected]
- [email protected]
Enter Maestro, a unix-like monolithic kernel that aims to be compatible with Linux in order to ensure wide compatibility. Interestingly, it is written in Rust. It includes Solfége, a boot system and daemon manager, maestro-utils, which is a collection of system utility commands, and blimp, a package manager. According to Luc, it’s creator, the following third-party software has been tested and is working on the OS: musl (C standard library), bash, Some GNU coreutils commands such as ls, cat, mkdir, rm, rmdir, uname, whoami, etc… neofetch (a patched version, since the original neofetch does not know about the OS). If you want to test it out, fire up a VM with at least 1 GB of ram.
Well rust has a borrow checker which does make some memory bugs harder to create but to say that rust solved any of the known open problems in computer security. The answer is clearly no. It just copied some good ideas from ocaml into C++ and got some good marketing.
borrow checkers also already exist for C/C++/etc [just most people don’t use them]
so, slightly safer defaults than C/C++ but doesn’t contain any new/unique security magic.
I feel like this is an example of innovation vs invention. Rust did not invent borrow checking. It did, however, make the borrow checker an integral part of the language and compiler. Making memory safety the default behavior is innovative and makes it the path of least resistance.
Memory safety issues are responsible not just for crashes and perf degredation but are a significant attack vector for exploits. Making it harder to land there makes these exploitable conditions less common. The mechanism is not unique but its integral place in the language is.
It kinda really pioneered its particular kind of memory management. There’s some theoretical ancestry involving ML-based research languages with region typing, stuff like this, but those are ultimately quite different. The rest of the type system is basically a cut-down Haskell (Hindley-Milner with qualified types (typeclasses/traits)), with some minor titbits and fiddling.
not exactly, as there are rust compilers like mrust that don’t actually have borrow checkers and virtually none of those safety checks actually occur and there is a question of if the gcc rust compiler would be implementing that feature into the compiler.
So, that would be an attribution failure; as it isn’t required by the language but the most popular rust compiler does include that feature.
But yes, more compilers would likely benefit the languages they support by also adopting that feature by default.
Borrow checking is part of the language specification, and a compiler that does not include it is, by definition, incomplete. The authors of mrust even state this in the project README.
Your claim is roughly equivalent to saying a C compiler which does not produce an error when a program calls an undeclared function means that C as a language does not ensure that your code doesn’t call functions that don’t exist - i.e., nonsense at worst, and irrelevant at best.
But it also has a cool name. You forgot to mention that very important aspect.