Codejail
Codejail: Application-transparent isolation of libraries with tight program interactions

Dynamically linked libraries are commonly used in software programs to facilitate code reuse. Once a library is linked into a software program, a bug in the library can lead to compromise of the whole program. Moreover, the library may also contain malicious code. Existing solutions for software component isolation assume simple interactions between a library and the main program; otherwise, they require significant modification of the main program and the library. In this paper, we propose a novel solution, Codejail, which supports a partial isolation of libraries that have tight memory interactions with the main program. Codejail requires no modification to the main program or the library. We demonstrate using a Linux prototype that Codejail can work easily with real-world programs and libraries. The performance is good for a portable implementation with costs commensurate with the degree of tight interaction.
References in zbMATH (referenced in 2 articles)
- Vasilakis, Nikos; Staicu, Cristian-Alexandru; Ntousakis, Greg; Kallas, Konstantinos; Karel, Ben; DeHon, André; Pradel, Michael: Mir: Automated Quantifiable Privilege Reduction Against Dynamic Library Compromise in JavaScript (2020) arXiv
- Wu, Yongzheng; Sathyanarayan, Sai; Yap, Roland H. C.; Liang, Zhenkai: Codejail: Application-transparent isolation of libraries with tight program interactions (2012) ioport