Rust is a modern systems programming language that ensures memory safety by enforcing ownership and borrowing rules at compile time. While the unsafe keyword allows programmers to bypass these restrictions, it introduces significant risks. Various approaches for isolating unsafe code to protect safe Rust from vulnerabilities have been proposed, yet these methods provide only fixed isolation boundaries and do not accommodate expressive policies that require sandboxing both safe and unsafe code. This paper presents SandCell for flexible and lightweight isolation in Rust by leveraging existing syntactic boundaries. SandCell allows programmers to specify which components to sandbox with minimal annotation effort, enabling fine-grained control over isolation. The system also introduces novel techniques to minimize overhead when transferring data between sandboxes. Our evaluation demonstrates SandCell's effectiveness in preventing vulnerabilities across various Rust applications while maintaining reasonable performance overheads.

翻译：Rust是一种现代系统编程语言，通过在编译时强制执行所有权和借用规则来确保内存安全。虽然unsafe关键字允许程序员绕过这些限制，但这会引入重大风险。目前已有多种隔离不安全代码以保护安全Rust免受漏洞影响的方案被提出，但这些方法仅提供固定的隔离边界，无法支持需要对安全和unsafe代码同时进行沙盒隔离的灵活策略。本文提出SandCell，通过利用现有语法边界实现Rust中灵活轻量的隔离机制。SandCell允许程序员以最小标注代价指定需要沙盒化的组件，实现对隔离机制的细粒度控制。该系统还引入了创新技术以最小化沙盒间数据传输的开销。我们的评估表明，SandCell在保持合理性能开销的同时，能有效防止各类Rust应用中的安全漏洞。