Tutorial: Sandboxing (unsafe) C code with RLBox

Abstract

RLBox is a C++ framework for building secure systems from untrusted libraries. RLBox uses a static type system to (1) abstract isolation mechanisms like WebAssembly (2) make data and control flow across the application-library boundary explicit and safe, and (3) help developers retrofit their application with sandboxing. In this tutorial, we first give an overview of RLBox and demonstrate how the RLBox framework helps sandbox a (buggy) C library in a simple C++ application. Then, we walk through the process of using RLBox to sandbox libraries in larger C++ codebases like the Firefox Web browser.