An anonymous reader shares this enthusiastic report from ZDNet: Earlier this year, Linus Torvalds approved of adding drivers and other components in Rust to Linux.* Last week, at the virtual Linux Plumbers Conference, developers gave serious thought to using the Rust language for new Linux inline code. [“Nothing firm has been determined yet,” reported Phoronix, “but it’s a topic that is still being discussed.”] And, now Amazon Web Services (AWS) has announced that its just-released Bottlerocket Linux for containers is largely written in Rust.
Mozilla may have cut back on Rust’s funding, but with Linux embracing Rust, after almost 30-years of nothing but C, Rust’s future is assured. Rust was chosen because it lends itself more easily to writing secure software. Samartha Chandrashekar, an AWS Product Manager, said it “helps ensure thread safety and prevent memory-related errors, such as buffer overflows that can lead to security vulnerabilities.” Many other developers agree with Chandrashekar.
Bottlerocket also improved its security by using Device-mapper’s verity target. This is a Linux kernel feature that provides integrity checking to help prevent attackers from overwriting core system software or other rootkit type attacks. It also includes the extended Berkeley Packet Filter (eBPF), In Linux, eBPF is used for safe and efficient kernel function monitoring.
* Linus’s exact words were “people are actively looking at, especially doing drivers and things that are not very central to the kernel itself, and having interfaces to do those, for example, in Rust. People have been looking at that for years now. I’m convinced it’s going to happen one day.”
The article also reminds readers that AWS’s Bottlerocket “is also designed to be quick and easy to maintain… by including the bare essentials needed to run containers…”
“Besides its standard open-source elements, such as the Linux kernel and containerd container runtime, Bottlerocket’s own code is licensed under your choice of either the Apache 2.0 or the MIT license.”