yosh /
npub1u86…6gze
2024-11-24 13:38:57
in reply to nevent1q…8tev

“But Yosh, how would we sandbox C++ code at scale?”

While not a perfect solution, Firefox’s RLBox toolkit (https://rlbox.dev/) provides the template for that. It compiles a C program to Wasm, puts it inside a Wasm sandbox, and provides the same API on the outside of the sandbox.

Now if the sandboxed library exhibits UB, it can no longer be used to exploit the rest of the program. Here’s a full writeup of how this works:

https://hacks.mozilla.org/2020/02/securing-firefox-with-webassembly/
Author Public Key
npub1u86g6tc80vx4zt5xv6lh5rwammfwgs7envxf9nk02aa5u59cv43shd6gze