Zero Trust in the Cloud
With WebAssembly and wasmCloud

About Me
- Author: "Programming WebAssembly with Rust", "Cloud Native Go", "Building Microservices with ASP.NET Core", a lot more
- Creator of the CNCF project wasmCloud
- Co-founder of Cosmonic, a provider of managed wasmCloud services
- Paranoid/Security Proponent
- Big WebAssembly Fan*
- GitHub: autodidaddict, Fediverse: autodidaddict@mastodon.world

"Constraints Liberate, Liberties Constrain"
Runar Bjarnason (runarorama)

Trust No One - the Agenda
- Module Security
- Cluster Security
- Capability Security
- Runtime Security
(You are Here)

Module Security
- Call stack can't buffer overflow
- https:/ write code that uses a syscall
- Branches always point to valid destinations
- Trap (exception) instead of undefined behavior
- Bad array index, out of bounds in linear memory
- Sneaky indirect function call
- Exceeding call stack size
- Illegal math operations (/0 etc.)

Control Flow Security
- Functions & fixed static scope variables pointers
- Cannot dereference invalid memory
- No Return-oriented Programming (ROP) attacks
- Direct function calls
- Indirect function calls
- Returns
- Safe jumps

WebAssembly Demo

Runtime Security
- Host memory is off limits
- Host and guest module use isolated linear memory block
- Host supplies implementation for module imports
- Only host can trigger code in module
- No I/O opcodes in wasm
- Anti-forgery checks
- JIT up to the host

Runtime Security - WASI
- WASI != POSIX
- Host runtime gets right of refusal
- I/O
- All imports and implementation
- WASI requires files and directories to be pre-approved
- Socket I/O but host creates socket

WASI Demo

Capability Security
- Why do you want that socket?
- High-level abstra