I started working on MOROS[1][2] after completing the tutorial 5 years ago, and I cannot recommend it enough for anyone interested in Rust and osdev. Phil put a lot of work into it, and it shows! The project covers a lot, and after that there's the osdev wiki[3] to keep going.
Thanks! Compared to xv6, you will find some important pieces missing. For example, there's no multiprocessor support and no scheduler, only one process can run at any time.
I should also note that user space programs can do memory allocation via syscall, but I currently have an issue with the kernel memory that I probably need to remap higher in memory. So, most commands inside the OS are still executed from kernel space, although they use syscalls and everything as if they were user space programs. I'm having a lot of fun creating device files inspired by Plan9 to communicate with the kernel.
There's a lot of work yet to arrive at something that feels truly complete as an educational OS, but I'm hoping to get there eventually. I really like this project because I'm learning along the way all the time!
Your first point is one of my main goals: I want the whole OS, including user space programs, to fit inside one brain. I'm always trying to find ways to keep complexity low without compromising too much on performance.
Good question, there's no TLS support inside MOROS so its website must be available over HTTP, especially when I self-host it. That's not the case currently so I could also have HTTPS but I'm using Dokku and last time I tried the Let's Encrypt plugin would redirect HTTP to HTTPS automatically, which is annoying.
Edit: I set up CloudFlare in front of the server and there's now a working HTTPS version along with the HTTP version accessible from inside MOROS. This should also work when I'll use again the web server inside the OS. Thanks for prompting me to look into it!
No! Stop! Why won’t this one die!
MITMing is a two way street. I could intercept sensitive data, or I could shove something in that tricks the user (phishing, etc), exploits the user agent, and more!.
“You only need encryption for the sensitive stuff” is what we did, poorly, in the late ‘00s / early ‘10s, and it was rightfully proven to be a bad idea. There’s a reason why browsers treat HTTP the way they currently do, and it isn’t because they’ve been co-opted by Big Certificate Authority.
EDIT: and as the other commenter says, there are download links.
No but we have no "httpv" protocol scheme to require signatures but not encryption
Which IMO has been a huge mistake since breaking caching proxies for networks because we want to prove authenticity and have to do secrecy as well has been quite silly.
im subscribed to your RSS feed since a while back, MOROS seems like a really cool project! sadly haven’t been able to try it since it wouldn’t start on QEMU for some reason, though i think that’s an issue on my side rather than the OS itself.
[1]: http://moros.cc
[2]: https://github.com/vinc/moros
[3]: https://wiki.osdev.org