DevOps.com

  • Latest
    • Articles
    • Features
    • Most Read
    • News
    • News Releases
  • Topics
    • AI
    • Continuous Delivery
    • Continuous Testing
    • Cloud
    • Culture
    • DataOps
    • DevSecOps
    • Enterprise DevOps
    • Leadership Suite
    • DevOps Practice
    • ROELBOB
    • DevOps Toolbox
    • IT as Code
  • Videos/Podcasts
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
    • DevOps Unbound
  • Webinars
    • Upcoming
    • Calendar View
    • On-Demand Webinars
  • Library
  • Events
    • Upcoming Events
    • Calendar View
    • On-Demand Events
  • Sponsored Content
  • Related Sites
    • Techstrong Group
    • Cloud Native Now
    • Security Boulevard
    • Techstrong Research
    • DevOps Chat
    • DevOps Dozen
    • DevOps TV
    • Techstrong TV
    • Techstrong.tv Podcast
    • Techstrong.tv - Twitch
  • Media Kit
  • About
  • Sponsor
  • AI
  • Cloud
  • CI/CD
  • Continuous Testing
  • DataOps
  • DevSecOps
  • DevOps Onramp
  • Platform Engineering
  • Sustainability
  • Low-Code/No-Code
  • IT as Code
  • More
    • Application Performance Management/Monitoring
    • Culture
    • Enterprise DevOps
    • ROELBOB
Hot Topics
  • Linux Foundation Europe to Host RISE Open Source Project
  • I Guess This is Growing Up: Devs and CISA’s Secure-by-Design Guidelines
  • Forget Change, Embrace Stability
  • Finding Your Passion
  • State of Software Security Report 2023 - Chris Eng, Veracode

Home » Blogs » Linus Torvalds Signals Support for Memory-Safe Rust Language

Linus Torvalds Signals Support for Memory-Safe Rust Language

Avatar photoBy: Mike Vizard on September 15, 2022 Leave a Comment

Linus Torvalds told attendees of the Open Source Summit Europe conference today that he is hopeful the foundational work needed to add support for the Rust programming language will be laid in a forthcoming version 6.1 of the Linux operating system.

It would take several additional releases of Linux to add full support for Rust, but the ability to more easily build and deploy applications written in Rust will go a long way toward improving the overall state of application security on Linux platforms.

TechStrong Con 2023Sponsorships Available

The Open Source Security Foundation (OpenSSF), an arm of the Linux Foundation, has called for replacing programming languages like Java that are not memory-safe as part of a larger plan to secure open source software supply chains. Rust is a memory-safe language that employs a compiler to track the ownership of values that can be used once and a borrow checker that manages how data is used without relying on traditional garbage collection techniques.

Earlier this week, the Rust Foundation allied with OpenSSF and JFrog to address other security issues that might arise as applications are developed in Rust.

It’s not clear just how many developers are adopting Rust, but Torvalds said he personally was looking forward to learning the Rust syntax—using a recently-acquired laptop based on an Arm processor—should the maintainers of Linux approve the effort. However, Torvalds also left open the possibility that adding support for Rust might not be as successful as initially hoped.

Torvalds also bemoaned the overall state of cybersecurity transparency at the operating system level. Many of the bugs that are encountered at the hardware level cannot be shared with the entire open source community, so any fix to those efforts is not subject to the same level of peer review as the rest of the operating system. The overall situation is improving, but it’s still very painful from a development perspective, he said. Secrecy is counter to the open source ethos, he said.

As new applications are built using a memory-safe programming language, the overall security posture of an organization will steadily improve. The challenge, of course, is that the number of developers that know how to build applications using those languages is still relatively small. Of course, replacing trillions of lines of code that have already been constructed using a variety of legacy non-memory-safe languages represents a gargantuan task that might never be fully completed—but shifting to a modern programming language is a major step in the right direction when it comes to application security.

There may even come a day when the way applications are coded is a lot more secure by default than it is today. That may not necessarily resolve every application security issue, but as the programming languages become inherently more secure, the pressure on developers to become cybersecurity experts should ease—assuming, of course, they are willing to learn a new way to write code.

Recent Posts By Mike Vizard
  • Linux Foundation Europe to Host RISE Open Source Project
  • Five Great DevOps Job Opportunities
  • CDF Marries Emporous Repository to Ortelius Management Platform
Avatar photo More from Mike Vizard
Related Posts
  • Linus Torvalds Signals Support for Memory-Safe Rust Language
  • Rust in Linux 5.20 | Deepfake Hiring Fraud | IBM WFH ‘New Normal’
  • The Linux Foundation Throws Weight Behind Secure Microkernel
    Related Categories
  • Blogs
  • DevOps and Open Technologies
  • DevOps Practice
  • Features
  • News
    Related Topics
  • Linus Torvalds
  • Linux Foundation
  • open source
  • Rust
Show more
Show less

Filed Under: Blogs, DevOps and Open Technologies, DevOps Practice, Features, News Tagged With: Linus Torvalds, Linux Foundation, open source, Rust

« Where Should I Store My IaC?
DevOps Unbound EP 24 – Cloud Performance Testing »

Techstrong TV – Live

Click full-screen to enable volume control
Watch latest episodes and shows

Upcoming Webinars

App-Solutely Necessary: Why Modernizing Your Apps Is A Must Hosted By The Cloudbusting Podcast Team
Thursday, June 1, 2023 - 11:00 am EDT
Confident Cloud Migrations: How A Top 5 Bank Ensured Reliability With AWS And Gremlin
Thursday, June 1, 2023 - 1:00 pm EDT
Securing Your Software Supply Chain with JFrog and AWS
Tuesday, June 6, 2023 - 1:00 pm EDT

GET THE TOP STORIES OF THE WEEK

Sponsored Content

PlatformCon 2023: This Year’s Hottest Platform Engineering Event

May 30, 2023 | Karolina Junčytė

The Google Cloud DevOps Awards: Apply Now!

January 10, 2023 | Brenna Washington

Codenotary Extends Dynamic SBOM Reach to Serverless Computing Platforms

December 9, 2022 | Mike Vizard

Why a Low-Code Platform Should Have Pro-Code Capabilities

March 24, 2021 | Andrew Manby

AWS Well-Architected Framework Elevates Agility

December 17, 2020 | JT Giri

Latest from DevOps.com

Linux Foundation Europe to Host RISE Open Source Project
May 31, 2023 | Mike Vizard
I Guess This is Growing Up: Devs and CISA’s Secure-by-Design Guidelines
May 31, 2023 | Pieter Danhieux
Forget Change, Embrace Stability
May 31, 2023 | Don Macvittie
What Is a Cloud Operations Engineer?
May 30, 2023 | Gilad David Maayan
Five Great DevOps Job Opportunities
May 30, 2023 | Mike Vizard

TSTV Podcast

On-Demand Webinars

DevOps.com Webinar ReplaysDevOps.com Webinar Replays

Most Read on DevOps.com

CDF Marries Emporous Repository to Ortelius Management Platform
May 26, 2023 | Mike Vizard
Microsoft Adds Slew of Developer Tools to Azure
May 24, 2023 | Mike Vizard
US DoJ Makes PyPI Give Up User Data ¦ Tape Storage: Not Dead
May 25, 2023 | Richi Jennings
Is Your Monitoring Strategy Scalable?
May 26, 2023 | Yoni Farin
The Metrics Disconnect Between Developers and IT Leaders
May 25, 2023 | Mike Vizard
  • Home
  • About DevOps.com
  • Meet our Authors
  • Write for DevOps.com
  • Media Kit
  • Sponsor Info
  • Copyright
  • TOS
  • Privacy Policy

Powered by Techstrong Group, Inc.

© 2023 ·Techstrong Group, Inc.All rights reserved.