this post was submitted on 21 Dec 2023
231 points (96.0% liked)
Linux
48372 readers
1238 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
People keep saying this but Rust is not only about memory safety. It's not C with memory safety sprinkled on top. Compare with C and C++ it has better tooling and dependency management, it's easier to create modules and organize your code, it's easier to write tests and it has loads of nice, modern language features like algebraic types and typeclasses. Because of all this Rust is growing fast and a lot of people like it. Writing things in Rust is a bet that more people will get behind them and you will be able to add more features faster to them than to existing projects in C. The idea is not to simply do the same but in Rust. It is to have a cleaner, easier to approach codebase that will allow to grow faster in the future.
It would certainly be interesting to see if an OS written in Rust can end up being notably more reliable and secure. My curiosity is piqued by the features you mention.
But it happens all the time with other languages. Especially when that language is newer or in the headlines. NodeJS/Electron was a big one a few years ago. Ruby/On Rails a while before that, have seen it for python programs and way back in the day when java was all the rage.
Personally I think it does matter and as a end user I do care to come degree. It tells you some things about the program, like how it can be install/run what deps you might need, is it going to be a memory hog or possibly full of vulnerabilities. The language affects all of these things, more so when the projects are new or niche and have not been hardened over time or been properly packaged yet.
Personally I love it when a program is written in languages like rust or go as it means I know it is going to be easy to build/install and distribute given they build into single binaries and very easy to make static. But if I see one written in nodejs with electron I am disappointed as I know it is going to be a huge package that consumes large amounts of memory. Or if there is some python package that is not already packaged by my distro I would avoid it as I hate dealing with python dependencies and its virtualenvs.
And for this case, with redox. Well redox is not an application to be used by people. It is a showcase about what can be done in the language. It is not intended for most people that hear of it to ever run it or even want to run it. Yet is very impressive what they have managed to do in it. Including having parts written for it be able to work standalone in Linux and other OSs.
I'm looking at how many of the bugs and security issues are due to memory unsafe code - it's A LOT and new ones come up almost daily. Humans are just bad at writing safe code because we are so fallible. So if we can eliminate a significant percentage of these bugs from the ground up that suddenly becomes very interesting. Besides personally after two decades of C and C++ (and debugging them) I find Rust much more pleasant and "ergonomic" to use.
If we want an OS to be more secure by design we really have to begin at the most basic level. It might never be perfect but we can greatly reduce the attack surface. This is also why Microsoft is rewriting a number of vulnerable system components of Windows in Rust.
So why is it important to the end-user? Well, if that's Average Joe, maybe not but Redox OS right now is not mainstream, it is for us nerds who are interested in a safer OS and to see what can be done in that space. Maybe you don't care and that's fine, but some of us do and just like any post here, people can chose to skip over it or dive into the discussion, we can't guarantee that all posts or projects are interesting to everyone :)
That's fair, I'm just saying it's not "OS with memory safety" but "OS written in modern language". I guess it's interesting in itself but yeah, definitely not groundbreaking.