Sandboxing. The goal of sandboxing is to enable the safe execution of untrusted, potentially malicious code. This is achieved by ensuring that the untrusted code is confined to a set of tightly controlled resources. Here we focus on one important aspect: preventing code from reading outside of its own subset of the address space. To achieve this, just-in-time compilers enforce access-control policies by inserting checks to ensure that all memory accesses happen within the sandbox’s bounds. We describe sandboxes using policies π, where memory outside of the sandbox is declared high.

To account for programs that may escape the sandbox by exploiting speculation across access-control checks, we make the following distinction:

• Traditional sandboxing approaches [24], [25] check/enforce vanilla sandboxing: A program p is vanilla-sandboxed
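The following is an added example, not code from the paper, illustrating the kind of inserted bounds check described above and why an architectural check alone is not enough once speculation across it is considered. The sandbox region, the "high" memory next to it and the index values are constructed for the example. The vanilla variant performs the check and then loads; if the branch is mispredicted, the load can be issued with an out-of-bounds index before the check resolves, so the address it forms may lie in high memory. The masked variant clamps the index with a branch-free mask before the load, a standard mitigation (the style used by speculative load hardening) that is my choice here and is not prescribed by the page. The code cannot observe microarchitectural state; it only exposes, for each variant, whether the address the load would form under a bypassed check stays inside the sandbox.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Constructed sandbox: a fixed-size region that untrusted code may read.
 * Everything outside it is "high" in the sense of the policy pi above. */
#define SANDBOX_SIZE 64
static uint8_t sandbox_mem[SANDBOX_SIZE];

/* Constructed high data living outside the sandbox (for the demo only). */
static const uint8_t high_mem[16] = "HIGH-SECRET-DATA";

/* Vanilla sandboxing: architecturally correct bounds check, then load.
 * Under a mispredicted branch the load may execute with idx >= SANDBOX_SIZE
 * before the check retires, forming an address outside the sandbox. */
int sandbox_load_vanilla(size_t idx, uint8_t *out) {
    if (idx >= SANDBOX_SIZE)
        return -1;                 /* policy violation: reject the access */
    *out = sandbox_mem[idx];       /* speculative path can reach here with any idx */
    return 0;
}

/* Branch-free clamp: returns idx if idx < size, else 0.
 * The comparison produces 0 or 1 and is turned into an all-zero or all-one
 * mask with no branch for the predictor to bypass. */
static inline size_t mask_index(size_t idx, size_t size) {
    size_t mask = (size_t)0 - (size_t)(idx < size);
    return idx & mask;
}

/* Hardened sandboxing: the index used by the load is clamped before the
 * load is issued, so even a mispredicted path stays inside the sandbox.
 * The architectural check is kept so the caller still sees the rejection. */
int sandbox_load_masked(size_t idx, uint8_t *out) {
    size_t safe = mask_index(idx, SANDBOX_SIZE);
    uint8_t v = sandbox_mem[safe]; /* address is always within the sandbox */
    if (idx >= SANDBOX_SIZE)
        return -1;
    *out = v;
    return 0;
}

/* Diagnostics: does the address the load would form (with the check
 * speculatively bypassed) lie inside the sandbox? */
static int in_sandbox(uintptr_t target) {
    uintptr_t base = (uintptr_t)sandbox_mem;
    return target >= base && target < base + SANDBOX_SIZE;
}

int vanilla_spec_target_in_bounds(size_t idx) {
    return in_sandbox((uintptr_t)sandbox_mem + idx);
}

int masked_spec_target_in_bounds(size_t idx) {
    return in_sandbox((uintptr_t)sandbox_mem + mask_index(idx, SANDBOX_SIZE));
}

int main(void) {
    uint8_t b = 0;
    size_t oob = 4096;             /* constructed out-of-bounds index */

    sandbox_mem[3] = 0x41;
    printf("vanilla in-bounds load rc=%d value=0x%02x\n",
           sandbox_load_vanilla(3, &b), b);
    printf("vanilla out-of-bounds rc=%d, speculative target inside sandbox: %d\n",
           sandbox_load_vanilla(oob, &b), vanilla_spec_target_in_bounds(oob));
    printf("masked  out-of-bounds rc=%d, speculative target inside sandbox: %d\n",
           sandbox_load_masked(oob, &b), masked_spec_target_in_bounds(oob));
    printf("(high_mem holds %zu bytes outside the sandbox)\n", sizeof high_mem);
    return 0;
}
```

Both variants return the same architectural result for every index; the difference is only in the address the load can form while the check is unresolved, which is exactly the gap between the vanilla notion of sandboxing and one that accounts for speculation.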
Source: Hardware Software Contracts