Explore the security and correctness measures implemented in the Wasmtime WebAssembly runtime and its compiler, Cranelift. Delve into the sandboxing and isolation techniques that prevent WebAssembly programs from accessing external memory regions, transferring control to arbitrary code, or freely accessing network and filesystem resources. Learn how these security properties protect against untrusted programs stealing private data or running malicious operations. Examine the methods employed by the Bytecode Alliance to ensure the correct implementation of Wasmtime, guaranteeing that these crucial security features function as intended. This 28-minute conference talk, presented by Nick Fitzgerald from the Bytecode Alliance at a Linux Foundation event, offers valuable insights into the ongoing efforts to maintain robust security in WebAssembly runtimes.
Overview
Syllabus
Security and Correctness in Wasmtime - Nick Fitzgerald, Bytecode Alliance
Taught by
Linux Foundation