Sandboxed Rust

Jurily · 2014-09-22T22:32:01.802Z

I’d like to see a compilation mode where

the program only has access to crates supplied on the command line, except for maybe a sandbox prelude which would provide things like Vec but not rmdir().
#1 is enforced by disabling the language features that could circumvent it: unsafe, ffi declarations, linking to C libraries, #[start] etc.
(for the truly paranoid) the runtime of the resulting program imposes arcane magicks on itself before main, like setrlimit and sydbox.

Some day, this could also be used for plugins and REPLs (without #3 of course).

DiamondLovesYou · 2014-09-25T00:35:15.658Z

Targeting NaCl through PNaCl will accomplish what you seek (NaCl binaries don’t require Chrome to run). Take a look at my PNaCl fork, if you’re curious.

merg1455 · 2014-09-25T01:04:23.388Z

Good one. Having a sandboxed REPL is always nice.

system · 2019-03-25T08:22:55.079Z

This topic was automatically closed 90 days after the last reply. New replies are no longer allowed.