
    Yes! I’ve been waiting to see more of this stuff done. The Poly2 project straight-up deleted all code out of an OS or stack that the appliances didn’t need. The work on temporal security policies had reference monitors ensure that things happened in a certain order or limited access based on temporal information. People using sandboxes or MAC implementations often manually drop privileges after initialization. This work seems to combine those concepts in an automated way to both reduce privilege and operational burden. Great stuff.

    The logical extension would be combining it with something like Genode, which already minimizes privileges at the architectural level with support for separation kernels on the bottom. The clean-slate stuff can be implemented natively as before. However, the stuff that still needs Linux VMs can use tech like this. That’s in addition to things such as SVA-OS/SAFEcode and SoftBound + CETS that make the kernels and/or software more memory-safe.