The OS's encapsulation barrier is a process, not a crate, hence no automatic crate-level boundaries for OS calls.<p>AFAICT the idea is that stuff from different crates should be insulated from each other by the compiler, and only made to interact by explicit programmer's intent. If a crate is dedicated to provide interaction with specific OS calls, this becomes an interesting problem.