There's a new operating system that wants to do away with the old mistakes and cruft in other operating systems. It's called Redox OS and is available on GitHub. It's aimed at creating an alternative OS that is able to run almost all Linux executables with only minimal modifications. It features a pure ecosystem using the Rust programming language which they hope will improve correctness and security over other OSes. They are not afraid to prioritize correctness over compatibility. The philosophy being that "Redox isn't afraid of dropping the bad parts of POSIX while preserving modest Linux API compatibility."
Redox levels harsh criticisms at other OSes, saying "...we will not replicate the mistakes made by others. This is probably the most important tenet of Redox. In the past, bad design choices were made by Linux, Unix, BSD, HURD, and so on. We all make mistakes, that's no secret, but there is no reason to repeat others' mistakes." Not stopping there, the Redox documentation contains blunt critiques of Plan 9, the GPL, and other mainstays.
Redox OS seems to be supported on the i386 and x86_64 platforms. The aims are microkernel design, implementation in Rust language, optional GUI — Orbital, newlib for C programs, MIT license, drivers in userspace, common Unix commands included, and plans for ZFS.
They want to do away with syscalls that stay around forever and drivers for hardware that, for a long time, simply isn't possible to buy any more. They also provide a codebase that doesn't require you to navigate around 25 million lines of code like Linux.
Perhaps the mathematically proven L4 microkernel is something to consider over the monolithic kernel approach where any single driver can wreck the system? One aspect to look out for is if they map the graphic cards into user space.
Mark All as Read
Mark All as Unread
since the code doesn't change during run-time
Um, that would be nice. Usually true, other than when someone is breaking in.
The NX bit [wikipedia.org] takes care of that for some time now. It allows to make the memory either writable or executable, but not both.
But past all the HW and SW protection mechanisms come the logical errors. And the logical errors are independent of the language. If hacker can convince application to delete all data, or overwrite it with junk, no amount of abstract safety features would help.
Otherwise, as a system developer, I do not mind - in fact, I welcome - such experiments. An advent of another system programming language beside C could only be a positive news. But I do not have much expectations toward the OS rewrite. If they were really serious about Rust as system language, as first step they should have tried integrate the support with BSD or Linux kernels, to allow writing drivers completely in Rust. But since they have started from the wrong end - rewrite of an OS - I really do not have any kind of hopes of them succeeding.
The NX bit does not defend against return-oriented programming.
I haven't been keeping up lately and hadn't heard about that technique [wikipedia.org]. That's quite a fancy way to smash the stack!