Efficient, Verifiable Binary Sandboxing for a CISC Architecture

Executing untrusted code while preserving security requiresenforcement of memory and control-flow safety policies:untrusted code must be prevented from modifying memory orexecuting code except as explicitly allowed. Software-basedfault isolation (SFI) or \"sandboxing\" enforces thosepolic...

Full description

Bibliographic Details
Main Authors: McCamant, Stephen, Morrisett, Greg
Other Authors: Program Analysis
Language:en_US
Published: 2005
Online Access:http://hdl.handle.net/1721.1/30542