Articles
Safe Execution of Unreliable Software

https://doi.org/10.1016/S1571-0661(04)80685-6Get rights and content
Under a Creative Commons license
open access

Abstract

We introduce a method, Lightweight Privilege Separation, enabling safe execution of unreliable software. Our method introduces no new software vulnerabilities and is fairly easy to implement. Furthermore, we show by experiments that the execution overhead is in the order of milliseconds per execution of the unreliable process at hand. We compare our method with earlier attempts of privilege separation such as OpenSSH. The paper concludes with a discussion on generalizations of our approach in the form of abstract machines and their interpreters.

Cited by (0)