A Fan-Out Sandboxing File System
Sandboxfs isolates modifications to the file system made by a a set of
"bad" processes from the other "good" processes on a system. Sandboxfs also
isolates file-system changes made by the "good" processes from the "bad"
processes. Sandboxfs leverages the flexible input filters from Tracefs, good
and bad processes are described using arbitrarily complex logical expressions.
To create a sandbox, we duplicate the super-block structure of Sandboxfs
and attach a logical expression that dictates which processes belong to this
sandbox. Whenever an operation crosses the Sandboxfs mount point, Sandboxfs
directs the operation to the appropriate super-block. Each Sandboxfs
super-block object has its own VFS caches (inode and dentry), but for
efficiency shares the underlying page cache for common data. We call these
separate per-entity caches for each directory split-view caches.
||Name (click for home page)
||Charles P. Wright
||May 2003 - May 2006
||Partner, Senior Software Architect, Illumon (New York, NY)
(Last updated: Tue Apr 25 15:11:07 EDT 2017)