Run-time configurable sandboxes

Bernd Eckenfels ecki at zusammenkunft.net
Tue May 26 20:40:23 UTC 2015


Hello,

partial quote as I want to add to a point:

Am Tue, 26 May 2015 16:19:59 -0400
schrieb Michael Maass <mmaass at andrew.cmu.edu>:

> 3. Common security reasons to use the sandbox: (a) using a third
> party library that isn't fully trusted (convenience often trumps
> security) and (b) frameworks loading third party plugins.

From looking at CVEs it looks like the only other common reason not
mentioned here is multi tenancy for Web Application Servers (i.e.
seperate WAR deployments). 

And I am quite sure by now (i.e. contains and other PaaS technolgies) 
nobody considers that anymore. So the biggest user might as well be
Google App Engine (not sure how far their special platform relies on
the security manager).

Gruss
Bernd

PS: Michael I would be interested in your paper for my personal
education.


More information about the security-dev mailing list