Show HN: Solnix – an early-stage experimental programming language
3 months ago
- #eBPF
- #Security
- #Linux Kernel
- Solnix is a verifier-safe programming language designed for Linux kernel security, specifically for writing eBPF security policies.
- It prioritizes safety, auditability, and predictable behavior under the Linux kernel's eBPF verifier.
- Solnix supports Linux Security Modules (LSM), XDP, TC, and tracing policies with a clean high-level syntax.
- Key features include native eBPF performance, kernel verifier compliance, structured high-level syntax, and concurrency-safe operations.
- Example use case: blocking execution of forbidden binaries using an LSM policy with a deny list.
- Design principles focus on compile-time guard checks, bounded memory access, and security-focused abstractions.