[2021] Porting an OpenBSD daemon and its security concepts from C to Rust - Reyk Floeter

Rust is an increasingly popular language that is praised for its design that makes it easier to write secure, highly-performant, and modern software. There are major initiatives to rewrite relevant projects in the open source ecosystem and even system software in Rust. Many people in the security-aware BSD community use and follow Rust professionally but most BSD software is still written in C (and Shell and Perl, if that counts). So I started a little experiment for myself: what does it take to rewrite one of the “daemons” that I wrote for OpenBSD in Rust? Will it allow to implement the security innovations and exploit mitigations in a style that is similar to one of OpenBSD’s C programs? The uniqueness of Rust is based on its design to enforce correctness – strong type-, memory-, and thread safety guarantees – in a system programming language without the need for garbage collection, a complex runtime, or a VM. A well-known feature is its ownership model and the “borrow checker” and