The Limitations of Traditional Operating Systems
Linux was first introduced in 1991, and the POSIX standard it implements dates back to 1988. Despite the significant advancements in software engineering and computer science over the past three decades, the core design of these technologies has seen little evolution. The Unix/Linux operating system is deeply tied to the C programming language, which, along with the shell, has a relatively weak type system. This makes the overall system brittle and prone to unexpected failures.
The complexity of a typical Linux system, combined with how easily things can go wrong, makes it challenging for most people to “hack” or tinker with their machines. The open-source philosophy emphasizes user control, but simplicity and accessibility are critical to achieving this goal. A modern operating system should be approachable for anyone, with reduced negative consequences for accidental mistakes.
Declarative Configuration and Content-Based Addressing
The current model of configuring a system is similar to writing a program, but it is done using one of the worst programming languages imaginable – a “spaghetti” of weakly-typed configuration files with implicit magic. Programming languages have evolved to become easier to use and offer more guarantees about their correctness, but these advancements have not been applied to system configuration.
A solution to this problem could be a system-wide declarative configuration, similar to what NixOS is doing. However, NixOS doesn’t go far enough – the validity of the system-wide configuration should be fully verifiable ahead of time, making it impossible to set up the system in a way that can malfunction.
Another key trend in computer science is the shift from trusted to untrusted content and infrastructure. Content-based addressing, where programs are identified by the hash of their content, could provide a solution to this issue. This approach would allow developers to distribute their work instantly, without the need for approval from distribution maintainers. However, this hash-based system is not very convenient, and a source of trust would still be needed to tie recognizable names to program hashes.
The Promise of WebAssembly
To address the challenges of content-based addressing, the old idea of “write once, run everywhere” could be revisited using an intermediary language. WebAssembly (Wasm) is a promising candidate for this role, as it is architecture-agnostic, operating-system-agnostic, and makes minimal assumptions about its environment.
Wasm was initially conceived for the web, but it can also be used outside of a browser through the Wasi (WebAssembly System Interface) extension. Wasi provides a standard way for Wasm programs to interact with the underlying operating system, without the limitations of the POSIX standard.
The integration of Wasm and Wasi has the potential to revolutionize application development and deployment. Wasm programs can be easily distributed and executed in a secure, sandboxed environment, without the need for traditional installation or configuration processes.
Overcoming the Limitations of Traditional Operating Systems
The Unix philosophy, where programs are expected to do one thing and do it well, is still a good principle, but it should be applied at the module level within a programming language, rather than to standalone programs. The rise of Docker containers and virtualization can be seen as a consequence of the failure of existing operating systems to properly isolate programs.
In a modern operating system, programs should completely stop sharing access to a single global file system. The concept of files could be reimagined, with content-addressed data replacing the traditional hierarchical file system. Users should be able to understand the purpose of any file on their disk, and the system should provide a clear separation between user-specific data and system-wide components.
The Integration of WebAssembly and Operating Systems
The integration of Wasm and Wasi with containerization and orchestration technologies, such as Docker and Kubernetes, has the potential to revolutionize application development and deployment. Wasm offers several advantages over traditional containers, including faster startup times, smaller binary sizes, and more robust sandboxing capabilities.
While Wasm may not completely replace existing container technologies, it can be used alongside them, providing a more efficient and secure way to package and run applications. The ability to run Wasm modules in a sandboxed environment, with fine-grained control over system resources and permissions, could address many of the security and reliability concerns that have plagued traditional operating systems.
Conclusion
The future of operating systems lies in the integration of innovative technologies like WebAssembly and the adoption of more robust, declarative, and secure approaches to system configuration and program isolation. By embracing the potential of Wasm and Wasi, operating system designers can create more reliable, accessible, and customizable computing environments that better meet the needs of modern users and developers.
As the ecosystem around Wasm continues to mature, and the tooling and integration with cloud computing platforms evolves, it is expected to become an increasingly dominant force in the operating system landscape. The Linux Foundation’s work in this area, through projects like WasmEdge and wasmCloud, is a testament to the growing importance of Wasm in the future of computing.
By exploring the possibilities of Wasm and addressing the limitations of traditional operating systems, we can unlock new levels of flexibility, security, and performance in the computing experiences of the future. As users and developers, we can look forward to a world where our computers “just work” and empower us to focus on our tasks, rather than constantly fighting with the underlying system.
