• ATC ‘18 Presentation
  • https://www.usenix.org/conference/atc18/presentation/boucher

Key Idea

  1. Process-based isolation is slow. Use:
    1. Language-based isolation: Rust. Guaranteed at compile time.
    2. Fine-grained preemption: Restrict syscalls and abort long-running tasks.

Mentioned Systems

  1. NetBricks: link
  2. Tock: link


Preload Dynamic Library

Use LD_PRELOAD to preload a dynamic library before any other library. Link

Example: $ LD_PRELOAD=/path/to/my/malloc.so /bin/ls.

Use ldd to list all runtime dependencies of a binary program or a shared library.
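An added example (not from the paper or these notes) of what such a preloaded malloc.so can look like: it interposes malloc and free, counts the calls, and prints the totals when the process exits. The file name interpose.c and the build command are assumptions; the static bootstrap arena exists because dlsym itself may allocate while the real malloc is still being looked up, which would otherwise recurse into the interposer.

```c
/* Added example: an LD_PRELOAD interposer for malloc/free that counts calls.
 * Build as a shared object and preload it (assumed file name and paths):
 *   cc -shared -fPIC -o malloc.so interpose.c
 *   LD_PRELOAD=./malloc.so /bin/ls
 * It also works when compiled straight into an executable, because symbols
 * defined in the main program take precedence over libc's. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <dlfcn.h>
#include <stddef.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

#ifndef RTLD_NEXT
#define RTLD_NEXT ((void *)-1l) /* glibc's value, in case _GNU_SOURCE came too late */
#endif

typedef void *(*malloc_fn)(size_t);
typedef void (*free_fn)(void *);

static malloc_fn real_malloc;
static free_fn real_free;
static unsigned long malloc_calls, free_calls;

/* dlsym() may allocate while we resolve the real malloc; serve those requests
 * from a small static arena so the interposer never recurses into itself. */
static char bootstrap_arena[4096];
static size_t bootstrap_used;
static volatile int resolving;

static void *bootstrap_alloc(size_t n) {
    n = (n + 15) & ~(size_t)15;
    if (bootstrap_used + n > sizeof bootstrap_arena) return NULL;
    void *p = bootstrap_arena + bootstrap_used;
    bootstrap_used += n;
    return p;
}

static int in_bootstrap_arena(const void *p) {
    const char *c = p;
    return c >= bootstrap_arena && c < bootstrap_arena + sizeof bootstrap_arena;
}

static void resolve(void) {
    if (real_malloc && real_free) return;
    resolving = 1;
    real_malloc = (malloc_fn)dlsym(RTLD_NEXT, "malloc");
    real_free = (free_fn)dlsym(RTLD_NEXT, "free");
    resolving = 0;
    if (!real_malloc || !real_free) abort(); /* no libc behind us: nothing sane to do */
}

void *malloc(size_t n) {
    if (resolving) return bootstrap_alloc(n);
    if (!real_malloc) resolve();
    malloc_calls++;
    return real_malloc(n);
}

void free(void *p) {
    if (!p || in_bootstrap_arena(p)) return; /* arena memory is never released */
    if (!real_free) resolve();
    free_calls++;
    real_free(p);
}

unsigned long interposer_malloc_calls(void) { return malloc_calls; }
unsigned long interposer_free_calls(void) { return free_calls; }

/* Allocate and release n blocks; return how many malloc calls were counted meanwhile. */
unsigned long interposer_selftest(unsigned n) {
    unsigned long before = malloc_calls;
    for (unsigned i = 0; i < n; i++) {
        void *volatile p = malloc(24); /* volatile: keep the pair from being optimized away */
        free(p);
    }
    return malloc_calls - before;
}

/* Report at exit with a plain write(2), which does not allocate. */
__attribute__((destructor)) static void report(void) {
    char buf[96];
    int len = snprintf(buf, sizeof buf, "malloc calls: %lu, free calls: %lu\n",
                       malloc_calls, free_calls);
    if (len > 0) {
        ssize_t rc = write(2, buf, (size_t)len);
        (void)rc;
    }
}
```

Running ldd on the preloaded program will not show malloc.so, since LD_PRELOAD is an environment-driven injection rather than a recorded dependency; that is exactly why a defender auditing a host checks the environment and /etc/ld.so.preload as well as the ldd output.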


SIGALRM is a signal delivered after a requested amount of time has elapsed. By default, it kills the process. In C, the alarm and setitimer functions arrange for SIGALRM to be sent.
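An added example, not from the paper or these notes, of the "abort long-running tasks" half of the key idea built from setitimer and SIGALRM: a task runs under a wall-clock budget, and if the timer fires first the handler jumps back out of the task. The function name run_with_budget and the two sample tasks are constructed for this example.

```c
/* Added example: preempt a runaway task with SIGALRM after a time budget. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <setjmp.h>
#include <signal.h>
#include <string.h>
#include <sys/time.h>

static sigjmp_buf preempt_point;
static volatile sig_atomic_t preempted;

static void on_alarm(int sig) {
    (void)sig;
    preempted = 1;
    siglongjmp(preempt_point, 1); /* abandon whatever the task was doing */
}

/* Run fn(arg) with a budget of budget_us microseconds of wall-clock time.
 * Returns 0 if fn finished on its own, 1 if it was cut off by SIGALRM. */
int run_with_budget(void (*fn)(void *), void *arg, long budget_us) {
    struct sigaction sa, old;
    memset(&sa, 0, sizeof sa);
    sa.sa_handler = on_alarm;
    sigemptyset(&sa.sa_mask);
    sa.sa_flags = 0;
    sigaction(SIGALRM, &sa, &old);

    struct itimerval budget;
    memset(&budget, 0, sizeof budget);
    budget.it_value.tv_sec = budget_us / 1000000;
    budget.it_value.tv_usec = budget_us % 1000000;

    preempted = 0;
    int cut_off = 0;
    /* savesigs=1 so the signal mask is restored when the handler jumps back here */
    if (sigsetjmp(preempt_point, 1) == 0) {
        setitimer(ITIMER_REAL, &budget, NULL);
        fn(arg);
    } else {
        cut_off = 1;
    }
    /* Disarm the timer and restore the previous disposition either way. */
    struct itimerval off;
    memset(&off, 0, sizeof off);
    setitimer(ITIMER_REAL, &off, NULL);
    sigaction(SIGALRM, &old, NULL);
    return cut_off;
}

/* Constructed sample tasks: one finishes quickly, one never returns. */
static volatile unsigned long spins;
void quick_task(void *arg) { (void)arg; for (int i = 0; i < 1000; i++) spins++; }
void runaway_task(void *arg) { (void)arg; for (;;) spins++; }

int quick_task_finishes(void)   { return run_with_budget(quick_task, NULL, 500000) == 0; }
int runaway_task_is_cut(void)   { return run_with_budget(runaway_task, NULL, 20000) == 1; }
```

The jump out of the handler is only safe if the interrupted task was not inside a non-async-signal-safe function such as malloc or stdio at that moment (a lock it held would stay held). That is the reason a design like this pairs preemption with tight limits on what a task may call, rather than using it as a general-purpose timeout.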

Link C Link man7


SIGSYS is delivered when a process passes a bad argument to a syscall, for example when it violates seccomp rules. It can also be used to emulate foreign syscalls, such as emulating Windows syscalls on Linux. By default, it terminates the process.


Linux uses seccomp to restrict the syscalls a process may make. It is widely used in containers.
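An added example, not from the paper or these notes, tying the two previous points together: a minimal seccomp-BPF filter that refuses one syscall (getppid) with SECCOMP_RET_TRAP, and a SIGSYS handler that records which syscall tripped the filter from si_syscall. Linux only; the demo runs in a forked child because a filter cannot be removed from a process once installed. The function names install_filter and seccomp_trap_demo and the choice of getppid as the filtered call are assumptions made for this example.

```c
/* Added example: seccomp filter that traps getppid with SIGSYS instead of running it. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>
#include <signal.h>
#include <stddef.h>
#include <string.h>
#include <sys/prctl.h>
#include <sys/syscall.h>
#include <sys/wait.h>
#include <unistd.h>

#if defined(__x86_64__)
#define DEMO_ARCH AUDIT_ARCH_X86_64
#elif defined(__aarch64__)
#define DEMO_ARCH AUDIT_ARCH_AARCH64
#else
#error "add the AUDIT_ARCH_* value for this architecture"
#endif

static volatile sig_atomic_t trapped_syscall = -1;

static void on_sigsys(int sig, siginfo_t *info, void *ctx) {
    (void)sig; (void)ctx;
    trapped_syscall = info->si_syscall; /* number of the syscall the filter rejected */
}

/* Allow everything except getppid, which gets SECCOMP_RET_TRAP (a SIGSYS). */
static int install_filter(void) {
    struct sock_filter code[] = {
        /* Check the arch first: syscall numbers mean something else on another ABI. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, DEMO_ARCH, 1, 0),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL),
        /* Then dispatch on the syscall number. */
        BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
        BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, SYS_getppid, 0, 1),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_TRAP),
        BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
    };
    struct sock_fprog prog = { .len = sizeof code / sizeof code[0], .filter = code };
    /* Required before installing a filter without CAP_SYS_ADMIN. */
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

/* Fork a child that installs the filter, calls getppid(), and reports the outcome.
 * Returns 0 if SIGSYS named getppid, 77 if seccomp is unavailable here, 1 otherwise. */
int seccomp_trap_demo(void) {
    pid_t pid = fork();
    if (pid < 0) return 1;
    if (pid == 0) {
        struct sigaction sa;
        memset(&sa, 0, sizeof sa);
        sa.sa_sigaction = on_sigsys;
        sa.sa_flags = SA_SIGINFO;
        sigemptyset(&sa.sa_mask);
        sigaction(SIGSYS, &sa, NULL);
        if (install_filter() != 0) _exit(77);
        /* Not executed: the kernel delivers SIGSYS, the handler runs, and the
         * call returns -1 with errno ENOSYS once the handler returns. */
        (void)getppid();
        _exit(trapped_syscall == SYS_getppid ? 0 : 1);
    }
    int status = 0;
    if (waitpid(pid, &status, 0) < 0) return 1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : 1;
}
```

Without the SIGSYS handler the default disposition applies and the child simply dies, which is the behaviour the notes describe; installing the handler is what turns a rejected syscall into something the process can observe and report. A production filter would use an allow-list of the few syscalls a task needs rather than this one-entry deny-list.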

Useful Language Points

  1. thwart: to obstruct or prevent