User-Level Sandboxing with FUSE Brandon Rich Andrew Blaich University of Notre Dame CSE 60641.

1 User-Level Sandboxing with FUSE Brandon Rich Andrew Blaich University of Notre Dame CSE 60641

2 Problem
- Protect the file system from abuse.
- Guiding Principles:
  - Transparency
  - Isolation
  - User input

3 Solution
- System Call Interposition
  - Intercept
  - Analyze
  - Re-route and log activity
  - Return
- Post-execution commit
  - Using log and execution cache

4 Components
- FUSE
  - Syscall interposition (free)
- Logger
- Sandbox
  - Whole-file copy
  - Virtual File List
- Commit process
  - Uses log and .sandbox files

5 [Diagram: user space, kernel and FUSE; system calls (Open, Read, Write, Close) against /tmp holding file1.txt, file1.txt.sandbox and file2.doc; each call logged in log.log]
3 Cases:
1) Writing a new file
2) Writing an existing file
3) Reading

6 Virtual File List

7 Sandboxing Writes

8

9 Sandboxing Deletes
- No deletes ever take place
- VFL entry can be designated “deleted”
- Version numbers keep track of future generations of a file

10 Hiding Sandbox Files

11 Logging

12 Committer
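
The slides on the Virtual File List, writes, deletes, hiding, logging and the committer survive here only as titles, so the following is an added Python model of that redirect logic, not the authors' code and not a real FUSE mount. Assumptions: the class and method names, append-only writes, the VFL entry layout, the log tuple format, and a commit that applies the last logged operation per file.

```python
import os, shutil

class Sandbox:
    """Redirect logic a FUSE handler could apply per call (model, no kernel mount)."""
    def __init__(self, root):
        self.root, self.log = root, []      # log stands in for log.log
        self.vfl = {}                       # Virtual File List: name -> deleted flag, version
    def real(self, name): return os.path.join(self.root, name)
    def shadow(self, name): return self.real(name) + ".sandbox"

    def write(self, name, data):            # appends, so existing content matters
        e = self.vfl.get(name)
        if e is None:                       # first write to this name in the run
            e = self.vfl[name] = {"deleted": False, "version": 1}
            if os.path.exists(self.real(name)):     # case 2: existing file
                shutil.copyfile(self.real(name), self.shadow(name))  # whole-file copy
        elif e["deleted"]:                  # recreated after delete: next generation
            e.update(deleted=False, version=e["version"] + 1)
            open(self.shadow(name), "w").close()    # new generation starts empty
        with open(self.shadow(name), "a") as f:     # case 1: shadow is created here
            f.write(data)
        self.log.append(("write", name, e["version"]))

    def read(self, name):                   # case 3: prefer the sandboxed copy
        e = self.vfl.get(name)
        if e and e["deleted"]:
            raise FileNotFoundError(name)
        with open(self.shadow(name) if e else self.real(name)) as f:
            return f.read()

    def delete(self, name):                 # tombstone only; nothing is unlinked
        e = self.vfl.setdefault(name, {"deleted": False, "version": 1})
        e["deleted"] = True
        self.log.append(("delete", name, e["version"]))

    def listdir(self):                      # hide *.sandbox files and tombstoned names
        names = {n for n in os.listdir(self.root) if not n.endswith(".sandbox")}
        return sorted(n for n in names | set(self.vfl)
                      if not self.vfl.get(n, {}).get("deleted"))

    def commit(self):                       # post-execution: apply log + .sandbox files
        final = {name: op for op, name, _ in self.log}   # last logged op per name wins
        for name, op in final.items():
            if op == "write":
                os.replace(self.shadow(name), self.real(name))
                continue
            for p in (self.real(name), self.shadow(name)):
                if os.path.exists(p): os.remove(p)
        self.vfl.clear(); self.log.clear()
```

Point `Sandbox` at a scratch directory: the original files stay byte-for-byte unchanged until `commit()` runs, which is the isolation property the deck lists as a guiding principle.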

13 Performance Evaluation
- Tests
  - Andrew Benchmark
  - Chirp Benchmark
  - Custom Benchmarks
- Three Environments
  - Unmodified ext3 file system
  - “Clean” FUSE
  - Sandboxing FUSE

14 Andrew Benchmark (Compile Phase 5: Am-utils)

15 Chirp Benchmark

16 Overhead of Logging vs Sandboxing Chirp Benchmark

17 Custom Benchmark

18 Conclusions
- System call interposition at the user level is expensive
- Disk-based caching is simple but robust
- Our approach is effective but could be improved

19 Questions?

