www.digitalmars.com         C & C++   DMDScript  

digitalmars.D - CloudABI support?

reply Andrew Pennebaker <andrew.pennebaker gmail.com> writes:
Some UNIX coders are looking forward to restricting system calls 
with CloudABI, so that we can get similar security and 
portability to Docker, without the loss of efficiency of 
containers. What do D coders think of CloudABI?

https://nuxi.nl/

Here's an example for building C CloudABI applications with cc 
from Clang:

https://github.com/mcandre/cartel

I wonder if LDC could be similarly wired up to build CloudABI 
binaries from D source files?
Dec 25 2018
parent reply Joakim <dlang joakim.fea.st> writes:
On Tuesday, 25 December 2018 at 17:36:46 UTC, Andrew Pennebaker 
wrote:
 Some UNIX coders are looking forward to restricting system 
 calls with CloudABI, so that we can get similar security and 
 portability to Docker, without the loss of efficiency of 
 containers. What do D coders think of CloudABI?

 https://nuxi.nl/

 Here's an example for building C CloudABI applications with cc 
 from Clang:

 https://github.com/mcandre/cartel
I wish someone would teach all these projects that you need to describe what you're actually doing up front. AFAICT just from their other website at https://cloudabi.org, whose front page isn't much better than the one you gave, that would be "A new capability-based C runtime and APIs so that all your cloud applications can be secured and run portably across any OS we support." What's their solution for multi-arch, separate or fat binaries? Capabilities are nice, but I don't know enough about security tech to say if they're much better than other sandboxing tech. I suspect that security is still a hard sell for most, and it will not go farther than those few niches who care.
 I wonder if LDC could be similarly wired up to build CloudABI 
 binaries from D source files?
Of course, as all it seems to need is libc support, some API wrappers in D, and maybe some ABI tweaks, which is no different than porting D to any other common platform.
Dec 25 2018
parent aberba <karabutaworld gmail.com> writes:
On Tuesday, 25 December 2018 at 19:26:29 UTC, Joakim wrote:
 On Tuesday, 25 December 2018 at 17:36:46 UTC, Andrew Pennebaker 
 wrote:
 [...]
I wish someone would teach all these projects that you need to describe what you're actually doing up front. AFAICT just from their other website at https://cloudabi.org, whose front page isn't much better than the one you gave, that would be "A new capability-based C runtime and APIs so that all your cloud applications can be secured and run portably across any OS we support." What's their solution for multi-arch, separate or fat binaries? Capabilities are nice, but I don't know enough about security tech to say if they're much better than other sandboxing tech. I suspect that security is still a hard sell for most, and it will not go farther than those few niches who care.
 [...]
Of course, as all it seems to need is libc support, some API wrappers in D, and maybe some ABI tweaks, which is no different than porting D to any other common platform.
It made sense to me. I use docker and yaml for configuration as a web developer so maybe that's why. Normally an app will get its configuration from envirinment variable or from the system...hence it becomes less portable (dependent of the host environment) and "insecure" like they claim.
Jan 01