
Sandboxing Landscape - jbyers
https://idea.popcount.org/2017-03-28-sandboxing-lanscape/
======
willvarfar
A central goal of the new Mill CPU project is to make strong hardware fault
isolation incredibly cheap and incredibly easy and so simple as to have no
obvious deficiencies.

There's an old talk on Security
[http://millcomputing.com/technology/docs/security/](http://millcomputing.com/technology/docs/security/)

I have prepared a much more up-to-date whitepaper on this that is going
through internal review right now. Afraid we're focusing 99% on sim work at
the moment and that 1% for other business is meaning the paper has been 'in
review' since last autumn... hmm, have to go push :)

But I'm happy to elaborate if anyone has any security questions.

(Apologies if you're all still suffering from Mill fatigue)

------
jagger11
Here's your cool, lightweight and easily configurable sandbox -
[https://github.com/google/nsjail](https://github.com/google/nsjail)

------
walterbell
From [https://cappsule.github.io](https://cappsule.github.io)

 _" Cappsule is a new kind of hypervisor developed by Quarkslab (to our
knowledge, there’s no similar public project). Its goal is to virtualize any
software on the fly (e.g. web browser, office suite, media player) into
lightweight VMs called cappsules. Attacks are confined inside cappsules and
therefore don’t have any impact on the host OS. Applications don’t need to be
repackaged, and their usage remain the same for the end user: it’s completely
transparent. Moreover, the OS doesn’t need to be reinstalled nor modified ...
Cappsule uses hardware virtualization to launch applications into lightweight
VMs, which run a copy of the host kernel and have no access to the hardware.
If an attacker manages to break into the VM (through a bug in the application
for instance), the attack is confined into the VM."_

~~~
rapsey
But VM escape vulnerabilities have existed lots of times. How is this a
guarantee that they do not have one?

~~~
bastawhiz
There is no software that is guaranteed not to contain vulnerabilities.

~~~
igk
Sel4?

~~~
carterschonwald
Provably :)

------
CJefferson
This is an area where i wish there was more easy guides.

For example, i would love to understand how to take a program, limit the total
count time and memory usage of it, and all its children, and be able to clean
up after it.

Bonus points if i can limit what directories it can write to.

I'm sure one of these things will do it, but i don't know what level i want.

------
7373737373
I've been looking for such a language for some time now but couldn't find any
either. The feasibility to run untrusted code, combined with the ability to
suspend, serialize and reschedule running tasks, as in Stackless Python:

[http://stackless.readthedocs.io/en/2.7-slp/library/stackless...](http://stackless.readthedocs.io/en/2.7-slp/library/stackless/pickling.html)

would make it possible to have truly distributed applications. Imagine
thousands of tasklets jumping through your filesystem, local network or the
internet.

Another interesting property is determinism, which in turn would allow for
remote execution and instruction metering - a computation market.

[http://e-drexler.com/d/09/00/AgoricsPapers/agoricpapers.html](http://e-drexler.com/d/09/00/AgoricsPapers/agoricpapers.html)

If the code is fully deterministic, verifying results becomes much simpler,
one option is comparing merkle roots over the entire program state, for
example:

[https://people.cs.uchicago.edu/~teutsch/papers/truebit.pdf](https://people.cs.uchicago.edu/~teutsch/papers/truebit.pdf)

~~~
qznc
What is your use case?

IBM was working on that with Java:
[https://www.ibm.com/developerworks/library/j-multitenant-
jav...](https://www.ibm.com/developerworks/library/j-multitenant-java/)

~~~
7373737373
Nothing serious, really. I just think it would be awesome. In the long term,
working on a general purpose BOINC-like platform could be interesting.

------
mabynogy
Another possibility is to use Moxie ISA:

[http://moxielogic.org/blog/](http://moxielogic.org/blog/)

It has a GCC backend.

------
willvarfar
Redis, for example, uses Lua but limits the Lua to a single pure-function and
enforces an execution time limit [https://redis.io/commands/eval#sandbox-and-
maximum-execution...](https://redis.io/commands/eval#sandbox-and-maximum-
execution-time)

Whilst the complexity of the script is limited in what it can do, it seems
actually not that hard to imagine some kind of next-gen CDN offering edge
scripting to statelessly rewrite requests and responses.

~~~
majke
Lua, in its vanilla form, is not a language supporting proper multi-tenancy.
It works okay if only one (trusted) user writes the scripts, but it's not the
good choice for running truly untrusted code from the internet. What will just
happen when you do "string.rep" in redis?

A better design would be to run one Lua VM per tenant, but then we are at
totally different set of problems (preemptive multi-tasking between VM's?)

~~~
willvarfar
In Lua its the host that does the actual allocs (lua_setallocf()), and its
routine for the host to intercept those mallocs and do accounting.

Now even with a 'locked down' Lua VM there is a lot of trust in executing 3rd-
party scripts and there might be various attacks.

But as I said, I really could imagine some next-gen CDN allowing paying
customers to put Lua scripts in the edge to rewrite requests and responses.

If I were tackling it I would want all the script instances for any given
customer to be isolated at a hardware level from other customers too.

------
marcosscriven
Sorry for the meta comment, but reading this on an iPad Pro 12.9, and can't
seem to get this to render as it would on a desktop, despite hitting 'Request
Desktop Site'. Is there anything one can do with a bookmarklet in this
situation, or am I beholden to what the server decides?

~~~
majke
Author here. The markup is trivial. The CSS is basic. I'm not sure what
problem precisely you have, but I did spend quite some effort to make it look
good on iphone. (for added kicks press "d" on your keyboard on desktop)

~~~
marcosscriven
Sorry again for meta, and thanks for responding. I just mean on the iPad pro
12.9 it renders as if it were a huge iPhone, rather than as a desktop site. It
just means the text is huge. Not a biggie - I've seen this on some other
blogs, and wondered if there were a workaround.

~~~
Terretta
Same device, same giant text ... workaround I like is tap reading view icon in
Safari URL bar.

------
gruez
>Some time ago I started wondering - would it be possible for a CDN to run
customer code on the edge servers?

Can't you already do that with PaaS providers? Upload your code, create
instances across multiple regions, and you're done.

~~~
kristianp
Indeed, google Appengine has sandboxed versions of python, java and go. It's
becoming the 'old' way to do things though. If I understand correctly more
recently VM and container-based solutions are the new way to do sandboxing on
google cloud, e.g. Compute Engine and Container Engine.

