Sandbox

• Wikipedia - Sandbox (computer security)

seccomp

• Wikipedia - seccomp

• Linux kernel’s feature since version 2.6.12

• seccomp-bpf : system call filter

• used by

  • OpenSSH
  • vsftpd
  • Chrome/Chromium
  • LXD
  • Firefox
  • Firefox OS

PyPy’s sandboxing

• PyPy’s sandboxing features

NaCl

• Wikipedia - Google Native Client

• 在 sandbox 裡安全地執行 Intel x86、ARM、MIPS 的子集

• 接近原生速度

• Software Fault Isolation (SFI) model

  • 限制可以執行的 code (Control Flow Integrity → CFI)
  • 限制哪些資料可以被存取 (Data Integrity)
  • 限制 I/O 介面

• 被用於 ZeroVM

  • Wikipedia - ZeroVM

• Native Client - Google Chrome

  • Sandbox Internals
  • PNaCl Bitcode Reference Manual

• Native Client - Frequently Asked Questions

• Native Client:A Sandbox for Portable, Untrusted x86 Native Code

  • Google - Publication Data
  • Slide

• LLVM on the Web Using Portable Native Client to run Clang/LLVM in the Browser

  • Slide