Rust has achieved a lot already in terms of proposing a safe alternative to existing system programming languages.
Not only is the safe subset of Rust already much safer than most alternatives (with maybe Ada/Spark being a strong contender?), but there is also a desire to tame the unsafe subset of Rust, and its FFI:
- Niko is thinking hard about the operational semantics of unsafe code,
- Japaric is working on making the sanitizers (ASan, MemSan, TSan) available to Rust developers,
- Rust being a native language plays nice with valgrind,
- I know for sure that Rust also uses ASLR (Address Space Layout Randomization).
Clearly, there is a desire for defense in depth.
I was wondering if this extended to a wish to extend the runtime hardening beyond ASLR.
For example, Clang has some Control Flow Integrity checks which can be used in Release binaries at a minimum runtime cost (the Forward-Edge CFI for virtual calls adds less than 1% overhead) and Safe Stack which splits the stack in two (safe and unsafe subparts).
I was wondering if Rust had other mitigation strategies than ASLR, or whether there were plans to integrate some of them.
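The post mentions ASLR as the one mitigation Rust is known to use. ASLR only works for a binary that the loader can relocate, so the practical check on a built artifact is whether it is position-independent, and alongside that whether its stack is non-executable and whether it asks for RELRO. The script below is an added example, not code from the post or from the Rust project: it parses the ELF64 program headers directly with the standard library (no `readelf`/`checksec` dependency) and reports those three properties. It also builds a small constructed, non-loadable ELF image so it can be exercised offline. Note the caveat for the other mitigations discussed above: Clang's CFI and SafeStack are compiler instrumentation inside the code, not loader flags, so they do not show up in program headers and this check cannot confirm them.

```python
import struct
import sys
from dataclasses import dataclass

# ELF64 constants (values from the System V ABI / Linux headers).
ELF_MAGIC = b"\x7fELF"
ELFCLASS64, ELFDATA2LSB = 2, 1
ET_EXEC, ET_DYN = 2, 3
PT_GNU_STACK = 0x6474E551  # stack permissions requested from the loader
PT_GNU_RELRO = 0x6474E552  # region made read-only after relocation
PF_X, PF_W, PF_R = 1, 2, 4

EHDR_FMT = "<16sHHIQQQIHHHHHH"  # 64-byte ELF64 header, little-endian
PHDR_FMT = "<IIQQQQQQ"          # 56-byte ELF64 program header


@dataclass
class HardeningReport:
    pie: bool       # ET_DYN executable: loader can randomize the base (ASLR)
    nx_stack: bool  # PT_GNU_STACK present without PF_X
    relro: bool     # PT_GNU_RELRO present


def program_headers(data: bytes):
    """Yield (p_type, p_flags) for every program header in an ELF64 LE image."""
    if data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF file")
    if data[4] != ELFCLASS64 or data[5] != ELFDATA2LSB:
        raise ValueError("only little-endian ELF64 is handled here")
    fields = struct.unpack_from(EHDR_FMT, data, 0)
    e_phoff, e_phentsize, e_phnum = fields[5], fields[9], fields[10]
    for i in range(e_phnum):
        p_type, p_flags = struct.unpack_from(PHDR_FMT, data, e_phoff + i * e_phentsize)[:2]
        yield p_type, p_flags


def assess(data: bytes) -> HardeningReport:
    """Derive the loader-visible hardening properties of an ELF64 image."""
    e_type = struct.unpack_from(EHDR_FMT, data, 0)[1]
    nx_stack = False  # a missing PT_GNU_STACK means an executable stack on x86-64 Linux
    relro = False
    for p_type, p_flags in program_headers(data):
        if p_type == PT_GNU_STACK:
            nx_stack = not (p_flags & PF_X)
        elif p_type == PT_GNU_RELRO:
            relro = True
    return HardeningReport(pie=(e_type == ET_DYN), nx_stack=nx_stack, relro=relro)


def build_sample_elf(pie: bool, nx: bool, relro: bool) -> bytes:
    """Constructed ELF64 image with only the headers needed for the check (not runnable)."""
    phdrs = [(PT_GNU_STACK, PF_R | PF_W | (0 if nx else PF_X))]
    if relro:
        phdrs.append((PT_GNU_RELRO, PF_R))
    e_ident = ELF_MAGIC + bytes([ELFCLASS64, ELFDATA2LSB, 1]) + bytes(9)
    ehdr = struct.pack(EHDR_FMT, e_ident, ET_DYN if pie else ET_EXEC, 62, 1, 0x1000,
                       64, 0, 0, 64, 56, len(phdrs), 64, 0, 0)
    body = b"".join(struct.pack(PHDR_FMT, t, f, 0, 0, 0, 0, 0, 16) for t, f in phdrs)
    return ehdr + body


def assess_file(path: str) -> HardeningReport:
    with open(path, "rb") as fh:
        return assess(fh.read())


if __name__ == "__main__":
    # Usage: python elf_hardening.py /path/to/binary
    report = assess_file(sys.argv[1]) if len(sys.argv) > 1 else assess(build_sample_elf(True, True, True))
    for name, ok in vars(report).items():
        print(f"{name:9s} {'yes' if ok else 'NO'}")
```

Run it against a release build to confirm the PIE/NX/RELRO baseline; a `NO` on `pie` means ASLR cannot relocate the main image regardless of what the compiler was asked to do.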