Betriebssysteme · Institut für Systemarchitektur · Fakultät Informatik · TU Dresden



12. 05. 2017

Automatic Sandboxing of Unsafe Software Components in High Level Languages


Benjamin Lamowski

TU Dresden

Verteidigung der Master-Arbeit

This work explores the design space of automated componentization for software written in modern safe programming languages, with the goal of sandboxing unsafe legacy libraries. It describes the design and implementation of Sandcrust, a Rust library that enables the reuse of C libraries in Rust without compromising the memory safety guarantees for safe Rust code. The Linux prototype shows that it is possible to safely use complex C library interfaces, while providing seamless integration into the Rust development ecosystem. The performance evaluation identifies a performance bottleneck in Bincode, a popular Rust library, and quantifies the impact by implementing a common use case without Bincode. Alternatives for abstracting a paradigm of componentization in a programming language are examined for the use case of separating an untrusted external component.
19. Jun 2018
· Copyright © 2001-2010 Operating Systems Group, TU Dresden | Impressum ·