1. 7

Abstract: “System-level development has been dominated by traditional programming languages such as C and C++ for decades. These languages are inherently unsafe regarding memory management. Even experienced developers make mistakes that open up security holes or compromise the safety properties of software. The Rust programming language is targeted at the systems domain and aims to eliminate memory-related programming errors by enforcing a strict memory model at the language and compiler level. Unfortunately, these compile-time guarantees no longer hold when a Rust program is linked against a library written in unsafe C, which is commonly required for functionality where an implementation in Rust is not yet available.

In this paper, we present Sandcrust, an easy-to-use sandboxing solution for isolating code and data of a C library in a separate process. This isolation protects the Rust-based main program from any memory corruption caused by bugs in the unsafe library, which would otherwise invalidate the memory safety guarantees of Rust. Sandcrust is based on the Rust macro system and requires no modification to the compiler or runtime, but only straightforward annotation of functions that call the library’s API.”


  2. 3

    Interesting, the TU Dresden seems to do quite a lot of things in Rust!

    1. 1

      What I know them for is high-assurance, security architectures like Nizza, Nitpicker GUI, L4’s, user-mode Linux, and so on. Genode OS Framework uses some of their research.

      I didnt know they were doing a lot of Rust stuff. Thanks for tip.

      1. 2

        There’s also Sebastian Humenda (https://archive.fosdem.org/2018/schedule/event/microkernel_l4re_rust/), who’s doing Rust on L4. I know of some others, but that’s not public.

        I know a couple of people that did Rust there (but are now in the industry) and they have one of the oldest meetups in Dresden.