The Sentry intercepts the untrusted code’s syscalls and handles them in user-space. It reimplements around 200 Linux syscalls in Go, which is enough to run most applications. When the Sentry actually needs to interact with the host to read a file, it makes its own highly restricted set of roughly 70 host syscalls. This is not just a smaller filter on the same surface; it is a completely different surface. The failure mode changes significantly. An attacker must first find a bug in gVisor’s Go implementation of a syscall to compromise the Sentry process, and then find a way to escape from the Sentry to the host using only those limited host syscalls.
未来智能是深耕智能办公领域的软硬件一体化AI科技公司,其讯飞AI会议耳机系列已连续三年销量第一。未来智能在语音语义识别领域拥有深厚积淀,致力于打造具有情感和个性化、多模态混合交互的智能AI助理。
。Safew下载是该领域的重要参考
Sign up for the Money Makers newsletter to get weekly, expert-backed tips to help you earn more money — from real people who founded and scaled successful businesses. Get it in your inbox.
编者按:本文是少数派 2025 年度征文活动#TeamCarbon25标签下的入围文章。本文仅代表作者本人观点,少数派只略微调整排版。