[westurner]

Is it possible to sandbox the host system from the guests in WASM?

Are there namespaces and cgroups and SECCOMP and blocking for concurrent hardware access in WASM, or would those kernel protections be effective within a WASM runtime? Do WASM runtimes have subprocess isolation?

[westurner]

/? subprocess isolation https://www.google.com/search?q=subprocess+isolation on a PC:

- TIL about teh Endokernel: "The Endokernel: Fast, Secure, and Programmable Subprocess Virtualization" (2021) https://arxiv.org/abs/2108.03705#

> The Endokernel introduces a new virtual machine abstraction for representing subprocess authority, which is enforced by an efficient self-isolating monitor that maps the abstraction to system level objects (processes, threads, files, and signals). We show how the Endokernel can be used to develop specialized separation abstractions using an exokernel-like organization to provide virtual privilege rings, which we use to reorganize and secure NGINX. Our prototype, includes a new syscall monitor, the nexpoline, and explores the tradeoffs of implementing it with diverse mechanisms, including Intel Control Enhancement Technology. Overall, we believe sub-process isolation is a must and that the Endokernel exposes an essential set of abstractions for realizing this in a simple and feasible way.

[westurner]

Sandbox (computer security) > Implementations https://en.wikipedia.org/wiki/Sandbox_(computer_security)

- [x] Linux containers

- [ ] WASM with or without WASI

eWASM has costed opcodes; basically like dynamic tracing in CPython.

Are there side channels for many or most of these sandboxing methods; even at the CPU level?

[westurner]

google/gvisor could be useful for this? https://github.com/google/gvisor :

> gVisor is an application kernel, written in Go, that implements a substantial portion of the Linux system surface. It includes an Open Container Initiative (OCI) runtime called runsc that provides an isolation boundary between the application and the host kernel.