Will appear in the 2009 IEEE Symposium on Security and Privacy Native Client: A Sandbox for Portable, Untrusted x86 Native Code

This paper describes the design, implementation and eval- uation of Native Client, a sandbox for untrusted x86 native code. Native Client aims to give browser-based applications the computational performance of native applications with- out compromising safety. Native Client uses software fault isolation and a secure runtime to direct system interaction and side effects through interfaces managed by Native Client. Native Client provides operating system portability for binary code while supporting performance-oriented fea- tures generally absent from web application programming environments, such as thread support, instruction set ex- tensions such as SSE, and use of compiler intrinsics and hand-coded assembler. We combine these properties in an open architecture that encourages community review and 3rd-party tools.