Sciweavers

PLDI
2011
ACM

Language-independent sandboxing of just-in-time compilation and self-modifying code

13 years 2 months ago
Language-independent sandboxing of just-in-time compilation and self-modifying code
When dealing with dynamic, untrusted content, such as on the Web, software behavior must be sandboxed, typically through use of a language like JavaScript. However, even for such speciallydesigned languages, it is difficult to ensure the safety of highlyoptimized, dynamic language runtimes which, for efficiency, rely on advanced techniques such as Just-In-Time (JIT) compilation, large libraries of native-code support routines, and intricate mechanisms for multi-threading and garbage collection. Each new runtime provides a new potential attack surface and this security risk raises a barrier to the adoption of new languages for creating untrusted content. Removing this limitation, this paper introduces general mechanisms for safely and efficiently sandboxing software, such as dynamic language runtimes, that make use of advanced, lowlevel techniques like runtime code modification. Our languageindependent sandboxing builds on Software-based Fault Isolation (SFI), a traditionally stati...
Jason Ansel, Petr Marchenko, Úlfar Erlingss
Added 17 Sep 2011
Updated 17 Sep 2011
Type Journal
Year 2011
Where PLDI
Authors Jason Ansel, Petr Marchenko, Úlfar Erlingsson, Elijah Taylor, Brad Chen, Derek L. Schuff, David Sehr, Cliff Biffle, Bennet Yee
Comments (0)