You might be interested to learn the nanoVM market. If i have to beleive some security reports on them, there's a lot of room for innovationxfluq wrote: ↑Wed Aug 14, 2024 3:49 pm Hello,
almost a month ago there was a global outage on windows, but especially on servers. It still fascinates me why Windows is used as a server at all, but that aside.
I've always been a fan of working only in the console, it makes things easier and clearer.
But the outage got me thinking, why isn't there still a small, respectable operating system that is only suitable for running on servers?
When I started out in software development over ten years ago, I always thought that servers mostly worked with such systems. More code leads to more errors and errors are an absolute nogo, especially on servers, where millions of customer data are stored.
So why not just linux? Here, too, it is usually the many components that lead to security gaps. (how many times has there been a privilege escalation gap)
I've always been very interested in kernel development and now I have a use case, so I wanted to ask whether my idea is too utopian or realistically feasible.
An operating system without Gui, without graphics drivers, ect. Only terminal. It should be able to process requests, protocols that should be supported: ssh, ftp, http(s). Also a rights system that I would orientate very much on Docker, rights must be given explicitly, to other programs, as well as to the file system. For the file system ext2? Also only standard commands known from Linux.
In my rather inexperienced eyes, this should be theoretically feasible. I program mainly in C#, but have also learned C. Can C# also be used as a language for something like this or is it better to go with C / C++? (purely from a performance point of view)
Please be honest, on the one hand I would be interested, as I have never dived that deep into systems and think every developer should do so, on the other hand I don't want to throw myself into a mountain of work and do nothing else for the next 30 years.
Thanks for your time reading this
. They are sort of operating systems which run on VMWare and other virtualization platforms, to provide an 'application' as OS. Things like web-server, database etc. Mostly they spin up some unix-like thing and cross-compile like a postgres or so to it. The problem is with a lot of these, even trivial security features like KASLR, stack-protection etc. is missing, making them really prone to getting security issues. You could try making a little base that has good security features (atleast the well known ones implented. secureboot, kaslr, karl, aslr, stack-protectors, etc. - these are well documented.).It's a good idea, and proven to be quite efficient, but so far I did not encounter any ones which are so well executed that people actually would like to use them in production, especially in light of more strict laws around data protection / security etc.
If you'd go this way, i'd also recommend to learn a lot about, secure coding and perhaps even certification things (like medical software is certified. - u'd need C or C++ for that, i don't think other languages generally get certified on such levels - unsure though on that last part.).
If you don't want a mountain of work for 30 years, it might be easier to try and solve this with a Linux or BSD kernel instead. strip out what's not needed in there for the specific use-case, lock it down more with things like PAX etc. (hardened BSD has examples how to do that) and then make the user-space a single application rather than a multi-purpose system. You'd be able to use a lot of existing goodies from those kernels and get to a working and secure thing much quicker.