CapExec: Towards Transparently-Sandboxed Services (Extended Version)

by Mahya Soleimani Jadidi et al.

Network services are among the riskiest programs executed by production systems. Such services execute large quantities of complex code and process data from arbitrary and untrusted network sources, often with high levels of system privilege. It is desirable to confine system services to a least-privileged environment so that the potential damage from a malicious attacker can be limited, but existing mechanisms for sandboxing services require invasive and system-specific code changes and are insufficient to confine broad classes of network services. Rather than sandboxing one service at a time, we propose that the best place to add sandboxing to network services is in the service manager that starts those services. As a first step towards this vision, we propose CapExec, a process supervisor that can execute a single service within a sandbox based on a service declaration file, which specifies the resources the service requires and to which Casper services can provide limited access. Using the Capsicum compartmentalization framework and its Casper service framework, CapExec provides robust application sandboxing without requiring any modifications to the application itself. We believe that this is a first step towards ubiquitous sandboxing of network services without the costs of virtualization.

Keywords: application security, sandboxing, service manager, Capsicum, compartmentalization
