Microsoft's New Open-Source Project: LiteBox As A Rust-Based Sandboxing Library OS

Microsoft's New Open-Source Project: LiteBox As A Rust-Based Sandboxing Library OS
DRANK

Microsoft engineers and other stakeholders have been developing LiteBox as a security-focused library OS written in the Rust programming language and leveraging Linux Virtualization Based Security "LVBS". The design is for LiteBox to operate as a secure kernel protecting the normal guest kernel via virtualization hardware.LiteBox is self-described as:LiteBox is a sandboxing library OS that drastically cuts down the interface to the host, thereby reducing attack surface. It focuses on easy interop of various "North" shims and "South" platforms. LiteBox is designed for usage in both kernel and non-kernel scenarios.LiteBox exposes a Rust-y nix/rustix-inspired "North" interface when it is provided a Platform interface at its "South". These interfaces allow for a wide variety of use-cases, easily allowing for connection between any of the North--South pairs.Example use cases include:- Running unmodified Linux programs on Windows- Sandboxing Linux applications on Linux- Run programs on top …

phoronix.com a month ago

Open page

https://www.phoronix.com/news/Microsoft-LiteBox