- provide user code written in Rust with a fluent Rust API
- capability-based security
ioctlis a great example of exactly what not to do - every system call should be its own call. requiring the programmer to keep track of both syscalls and values to pass toioctlis a pain.kqueueis good