Posts

Research Project Read Capsicum (Watson et al., 2010) I re-read this paper, but in the context of my project’s work, it provided some incredibly useful insight. I’ve listed the most important takeaways here, but there are more. My niche might now be figured out. Capsicum discusses eliminating dual-coding by only being in the code, at the cost of potential static analysis. By using high-level language integrations, I think that my solution can achieve both being integral to the code and having a static description....

One gloomy Tuesday evening, I SSHed into my CI server and ran htop as I had hundreds of times before. The machine is pinned running my jobs, but wait… Something is wrong. htop showing bad things I certainly wasn’t running any jobs involving Tensorflow, and I’m not in the habit of mining cryptocurrencies on my CI server. This post will cover the series of events that lead to this happening, what happened, and the learnings I’ve taken away from it....

Research Project Process Isolation Expanded the shim with so called PipeTriggers. Wrote an example for this (examples/pipes/main.rs). Wrote the specification for this application to be launched with the shim (examples/pipes/spec.json). I think this is very neat and certainly a focal point of the project. This style of request driven programming that the shim enables with a powerful level of privilege dropping each time should be useful. The spec is also pretty easy to parse and even write for this too....

Research Project Process Isolation Built the shim in Rust (clone_shim). Wrote a quite nice to use wrapper for the clone3 syscall in (relatively) safe Rust (clone.rs). Wrote the basis of specification, that should be extensible enough for future features (specification.rs). Currently this reads only JSON specifications, but Rust’s serde library has support for a variety of binary formats to try later on. Started tying things together. Currently on the running at startup launches work, but they do launch and it’s a strong basis to add more features from....

Research Project Process Isolation Built three privilege separated test applications. Wrote a privilege separated fib implementation (fib_priv_sep.c). Pretty basic separation as the program is trivial. In the later cp example I did privilege separate the arguments, but I didn’t for the purpose of fib. Starting to build up a structure. The files are structured to have a main implementation reminiscent of the eventual shim, while the functions like real_main would come from the eventual binary....