WebAssembly has been one of the trendiest intermediate representations since a while.<\/p>\n\n\n\n
However, its definition of safety means preventing breaching the sandbox. Its goal is to prevent escalation from the VM guest code to the VM host boundary.<\/p>\n\n\n\n
WASI then defines a capabilities-based syscall interface that can be used by applications. Some alternatives which can be implemented with running native code are through using seccomp on Linux. (or using dkmon on Windows)<\/p>\n\n\n\n
In WebAssembly, only one<\/a> memory segment is allowed. As such, unlike managed language runtimes (such as Java and the CLR), WebAssembly by itself does not provide memory safety. <\/p>\n\n\n\n Each global variable gets its own memory segment however, as do local variables. A memory allocation on the heap means that you lose those thin guarantees.<\/p>\n\n\n\n Recompiling C or C++ code to WebAssembly does not<\/em> make it any more secure, unlike recompiling it for .NET with \/clr:safe or to CHERI hardware which provide those possibilities by design, which are always used. <\/p>\n\n\n\n (ASAN, because of its performance overhead even when it’s present, doesn’t cover those issues in practice, you can’t afford to have it always on)<\/p>\n\n\n\n This also means that a suboptimal translation from .NET to WebAssembly is done, as memory segment information could have been used to elide some of those checks at runtime.<\/p>\n\n\n\n However, if your language has some extent of memory safety like Rust, using WebAssembly doesn’t degrade those.<\/p>\n\n\n\n TL;DR<\/strong>: WebAssembly is a sandbox isolating the program from the underlying machine. It doesn’t aim to provide safety properties for that program, and doesn’t try to. <\/p>\n","protected":false},"excerpt":{"rendered":" WebAssembly has been one of the trendiest intermediate representations since a while. However, its definition of safety means preventing breaching the sandbox. Its goal is to prevent escalation from the VM guest code to the VM host boundary. WASI then defines a capabilities-based syscall interface that can be used by applications. Some alternatives which can… Read More »Extent of safety properties in WebAssembly<\/span><\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"neve_meta_sidebar":"","neve_meta_container":"","neve_meta_enable_content_width":"","neve_meta_content_width":0,"neve_meta_title_alignment":"","neve_meta_author_avatar":"","neve_post_elements_order":"","neve_meta_disable_header":"","neve_meta_disable_footer":"","neve_meta_disable_title":"","footnotes":""},"categories":[1],"tags":[],"class_list":["post-125","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/posts\/125","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/comments?post=125"}],"version-history":[{"count":3,"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/posts\/125\/revisions"}],"predecessor-version":[{"id":128,"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/posts\/125\/revisions\/128"}],"wp:attachment":[{"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/media?parent=125"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/categories?post=125"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/threedots.ovh\/blog\/wp-json\/wp\/v2\/tags?post=125"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}