Why Chrome is Adding Rust: Boosting Security and Simplicity in Chromium

The Google Chrome security team announced that Chromium will support the use of third‑party Rust libraries in the project.

Chrome engineers are actively working to add a production‑ready Rust toolchain to the Chromium build system, with the goal of incorporating Rust code into Chrome binaries as early as next year.

Google currently supports only third‑party Rust libraries because they are independent components with simple, focused APIs, avoiding the need to address Chromium‑specific requirements.

Goals and Benefits

According to Google, introducing Rust aims to provide a simpler (no IPC) and safer (lower overall complexity than C++, no memory‑safety errors in the sandbox) way to meet two security rules, accelerating development (less code, fewer design documents, fewer security reviews) and improving Chrome’s security (more lines of code without memory‑safety bugs, lower bug density).

Two‑Rule Principle

The "two‑rule" states that when handling untrusted input from the Internet, a code path should involve no more than two of the following three risk factors: (1) untrusted input, (2) unsafe implementation language, (3) high privilege.

Community Reactions

Some engineers express skepticism, noting that rewriting code in Rust can introduce new bugs and that Google is unlikely to rewrite large portions of Chrome as Mozilla did.

Engineer Lolinder on Hacker News wrote that Rust rewrites are not always beneficial and may lead to regressions, suggesting a focus on writing safe, unique code rather than massive rewrites.

Google senior engineer Jansen praised the move, citing faster development and higher security, while acknowledging current limitations such as one‑way interoperation from C++ to Rust.

Google has also invested in Crubit, an experimental bidirectional C++/Rust interop tool.

About Rust

Rust, originally developed by Mozilla, is a compiled language designed for safety, concurrency, and practicality, supporting functional, concurrent, procedural, and object‑oriented paradigms. It was first sponsored by Mozilla in 2009 and publicly released in 2010.

Author: 场长 Related link: https://security.googleblog.com/2023/01/supporting-use-of-rust-in-chromium.html