PermRust: A Token-based Permission System for Rust
Permission systems which restrict access to system resources are a well-established technology in operating systems, especially for smartphones. However, as such systems are implemented in the operating system they can at most manage access on the process-level. Since moderns software often (re)uses code from third-parties libraries, a permission system for libraries can be desirable to enhance security. In this short-paper, we adapt concepts from capability systems building a novel theoretical foundation for permission system at the level of the programming language. This leads to PermRust, a token-based permission system for the Rust programming language as a zero cost abstraction on top of its type-system. With it access to system resources can be managed per library.
View on arXiv@article{gehring2025_2506.11701,
title={ PermRust: A Token-based Permission System for Rust },
author={ Lukas Gehring and Sebastian Rehms and Florian Tschorsch },
journal={arXiv preprint arXiv:2506.11701},
year={ 2025 }
}