redox
bubblewrap
Our great sponsors
redox | bubblewrap | |
---|---|---|
12 | 75 | |
14,862 | 3,641 | |
0.7% | 3.5% | |
9.6 | 6.6 | |
6 days ago | 6 days ago | |
Shell | C | |
MIT License | GNU General Public License v3.0 or later |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
redox
-
Fomos: Experimental OS, Built with Rust
Redox is another full fledged OS written in rust by Pop OS developer
https://github.com/redox-os/redox
-
GNU/Hurd strikes back: How to use the legendary OS in a (somewhat) practical way
Even in the noncommercial world, Hurd's gone precisely nowhere. RedoxOS is a toy and had a GUI within a year or so. Brutal got in within two. SerenityOS not only built a GUI but the beginnings of the first greenfield web browser to gain any semblance of modern standards support in the past several decades. Honestly, what's Hurd doing wrong to flounder so hard?
[0] https://github.com/redox-os/redox/releases/tag/0.0.3
[1] https://github.com/brutal-org/brutal/releases
[2] https://serenityos.org/happy/1st/
-
Rust is ugly, doesn’t even let you write simple data structures, unsafe rust is not even defined, makes the simplest things so hard to write and did I mention it’s ugly?
Ah yes, std, that famous crate that is unusable for systems programming. God forbid anyone do any "systems" programming that uses std.
-
Planning to make a video on cool Rust apps focused on the end user. Make recommendations!
Operating System: Theseus, Redox
-
The wild world of non-C operating systems
Looks like C++ to me!
And my point is that when you mention OS-es like Mezzano (3k stars on Github, a dozen contributors [1]) and Redox (13k stars, 80 contributors [2]), but don't mention Serenity (18k stars, over 100 contributors [3] (Github limits this view to the top 100)) it seems funny.
[0] https://github.com/SerenityOS/serenity/tree/master/Kernel/Ar...
[1] https://github.com/froggey/Mezzano/graphs/contributors
[2] https://github.com/redox-os/redox/graphs/contributors
[3] https://github.com/SerenityOS/serenity/graphs/contributors
-
How far are we from writing Redox on Redox?
Side note, blog posts may have been quiet but there's still been some commit activity here and there.
-
Porting QEMU to RedoxOS
>I wish opportunities had been around when I was learning to program.
And yet now, we have plenty of projects and nobody contributing.
https://github.com/redox-os/redox/graphs/contributors
This graph doesn't look so healthy. Projects with one major contributor tend to die the moment that contributor loses interest.
Which leads me to wonder, if rust is so popular, and this is one of the most relevant rust projects in the wild, why is this essentially a single contributor repo? Linus didn't write Linux by himself. Redox is never going to happen with a single developer.
Doesn't anyone want a memory safe OS and micro kernel? What does this say about the demand for memory safe systems languages?
-
Pop!_OS uses a lot of Rust
I think the guy behind RedoxOS works for them.
-
[ SECURITY ] Linux Is Not More Secure Than Other os
redox os is rust operating system without c , here
-
I Want to start leaning OS development on microcontrollers, any advice?
RedoxOS, an OS written in Rust A tutorial on making an OS in Rust, complwte with bootable source
bubblewrap
-
I Use Nix on macOS
Nothing nix specific but you may be interested in https://github.com/containers/bubblewrap
- I reduced the size of my Docker image by 40% – Dockerizing shell scripts
- Exploring Podman: A More Secure Docker Alternative
-
Using GitLab Kubernetes Runners to Build Melange Packages
Recently, I came across Chainguard and wrote the article How to build Docker Images with Melange and Apko. As a fervent supporter of Kubernetes and GitLab CI, I was eager to experiment with building images using Melange in this particular setup. GitLab's shared Runners work seamlessly with Bubblewrap, eliminating the need for additional configurations. This post is intended for enthusiasts like myself, interested in hosting their own Kubernetes Runners and leveraging the Kubernetes Runner Type of Melange.
- how strong is the steam (runtime) sandbox for games?
- Server-side sandboxing: Containers and seccomp
-
A Study of Malicious Code in PyPI Ecosystem
```
This is basically manually invoking what Flatpak does:
https://github.com/containers/bubblewrap
This is also useful for more than just security. E.G., you can test how your app would behave on a fresh install by masking your user configuration files. I personally also have a tool that uses it to basically bundle all dependencies from an entire Linux distribution in order to make highly portable AppImages— Been meaning to post that, will get around to it eventually maybe.
The flags above should hide your user data (`--tmpfs`), disable network access (`--unshare-all`), hide/virtualize devices and OS state (`--dev` and `--proc`), and make the rest of the root filesystem read-only (`--ro-bind`— Including the insecure X11 socket in `/tmp`, which you might want to expose for GUI apps).
Check them against `bwrap --help`; I might have omitted one or two more things you'd need.
- Bubblewrap – Low-level unprivileged sandboxing tool used by Flatpak
-
Firejail: Light, featureful and zero-dependency security sandbox for Linux
While trying to find out more comparison information, found this light on details issue:
https://github.com/containers/bubblewrap/issues/81
It mentions nsjail and minijail.
What are some alternatives?
rust-raspberrypi-OS-tutorials - :books: Learn to write an embedded OS in Rust :crab:
firejail - Linux namespaces and seccomp-bpf sandbox
serenity - The Serenity Operating System 🐞
flatpak - Linux application sandboxing and distribution framework
tock - A secure embedded operating system for microcontrollers
flathub - Issue tracker and new submissions
cli-guidelines - A guide to help you write better command-line programs, taking traditional UNIX principles and updating them for the modern day.
nsjail - A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
book - The Rust Programming Language
distrobox - Use any linux distribution inside your terminal. Enable both backward and forward compatibility with software and freedom to use whatever distribution you’re more comfortable with. Mirror available at: https://gitlab.com/89luca89/distrobox
blog_os - Writing an OS in Rust
multipass - Multipass orchestrates virtual Ubuntu instances