{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,2,27]],"date-time":"2026-02-27T03:45:37Z","timestamp":1772163937142,"version":"3.50.1"},"publisher-location":"New York, NY, USA","reference-count":38,"publisher":"ACM","license":[{"start":{"date-parts":[[2008,4,1]],"date-time":"2008-04-01T00:00:00Z","timestamp":1207008000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2008,4]]},"DOI":"10.1145\/1352592.1352603","type":"proceedings-article","created":{"date-parts":[[2008,4,1]],"date-time":"2008-04-01T12:11:28Z","timestamp":1207051888000},"page":"95-107","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":28,"title":["Application-level isolation and recovery with solitude"],"prefix":"10.1145","author":[{"given":"Shvetank","family":"Jain","sequence":"first","affiliation":[{"name":"University of Toronto, Toronto, ON, Canada"}]},{"given":"Fareha","family":"Shafique","sequence":"additional","affiliation":[{"name":"University of Toronto, Toronto, ON, Canada"}]},{"given":"Vladan","family":"Djeric","sequence":"additional","affiliation":[{"name":"University of Toronto, Toronto, ON, Canada"}]},{"given":"Ashvin","family":"Goel","sequence":"additional","affiliation":[{"name":"University of Toronto, Toronto, ON, Canada"}]}],"member":"320","published-online":{"date-parts":[[2008,4]]},"reference":[{"key":"e_1_3_2_1_1_1","first-page":"19","volume-title":"Proceedings of the USENIX Technical Conference","author":"Cornell Brian","year":"2004","unstructured":"Brian Cornell , Peter Dinda , and Fabi\u00e1n Bustamante . Wayback : A user-level versioning file system for linux . In Proceedings of the USENIX Technical Conference , pages 19 -- 28 , June 2004 . Brian Cornell, Peter Dinda, and Fabi\u00e1n Bustamante. Wayback: A user-level versioning file system for linux. In Proceedings of the USENIX Technical Conference, pages 19--28, June 2004."},{"key":"e_1_3_2_1_2_1","volume-title":"http:\/\/www.microsoft.com\/systemcenter\/softgrid\/evaluation\/virtualization.mspx","author":"Microsoft Corp","year":"2007","unstructured":"Microsoft Corp oratin. Microsoft SoftGrid . http:\/\/www.microsoft.com\/systemcenter\/softgrid\/evaluation\/virtualization.mspx , 2007 . Microsoft Corporatin. Microsoft SoftGrid. http:\/\/www.microsoft.com\/systemcenter\/softgrid\/evaluation\/virtualization.mspx, 2007."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095824"},{"key":"e_1_3_2_1_4_1","unstructured":"Steve Friedl. Best practices for UNIX chroot() operations. http:\/\/www.unixwiz.net\/techtips\/chroot-practices.html January 2002.  Steve Friedl. Best practices for UNIX chroot() operations. http:\/\/www.unixwiz.net\/techtips\/chroot-practices.html January 2002."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.comnet.2006.09.013"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/1095810.1095826"},{"key":"e_1_3_2_1_7_1","doi-asserted-by":"publisher","DOI":"10.1145\/35037.35060"},{"key":"e_1_3_2_1_8_1","unstructured":"Matt Hines. Google buys into security acquires GreenBorder. http:\/\/www.infoworld.com\/article\/07\/05\/29\/Google-buys-into-AV_1.html May 2007.  Matt Hines. Google buys into security acquires GreenBorder. http:\/\/www.infoworld.com\/article\/07\/05\/29\/Google-buys-into-AV_1.html May 2007."},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/ACSAC.2006.16"},{"key":"e_1_3_2_1_10_1","first-page":"59","volume-title":"Proceedings of the USENIX Security Symposium","author":"Jaeger Trent","year":"2003","unstructured":"Trent Jaeger , Reiner Sailer , and Xiaolan Zhang . Analyzing integrity protection in the SELinux example policy . In Proceedings of the USENIX Security Symposium , pages 59 -- 74 , August 2003 . Trent Jaeger, Reiner Sailer, and Xiaolan Zhang. Analyzing integrity protection in the SELinux example policy. In Proceedings of the USENIX Security Symposium, pages 59--74, August 2003."},{"key":"e_1_3_2_1_11_1","volume-title":"Proceedings of the Second International SANE Conference","author":"Kamp Poul-Henning","year":"2002","unstructured":"Poul-Henning Kamp and R. N. M. Watson . Jails : Confining the omnipotent root . In Proceedings of the Second International SANE Conference , 2002 . Poul-Henning Kamp and R. N. M. Watson. Jails: Confining the omnipotent root. In Proceedings of the Second International SANE Conference, 2002."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/945445.945467"},{"key":"e_1_3_2_1_13_1","volume-title":"July","author":"Leyden John","year":"2006","unstructured":"John Leyden . Spyware poses as Firefox extension. urlhttp:\/\/www.theregister.co.uk\/2006\/07\/26\/firefox_malware_extension , July 2006 . John Leyden. Spyware poses as Firefox extension. urlhttp:\/\/www.theregister.co.uk\/2006\/07\/26\/firefox_malware_extension, July 2006."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2007.37"},{"key":"e_1_3_2_1_15_1","unstructured":"Linux. Man capabilities(7) in Linux man page. Confirming to POSIX.1e.  Linux. Man capabilities(7) in Linux man page. Confirming to POSIX.1e."},{"key":"e_1_3_2_1_16_1","volume-title":"Proceedings of the Freenix Track of USENIX Technical Conference","author":"Loscocco Peter","year":"2001","unstructured":"Peter Loscocco and Stephen Smalley . Integrating flexible support for security policies into the linux operating system . In Proceedings of the Freenix Track of USENIX Technical Conference , June 2001 . Peter Loscocco and Stephen Smalley. Integrating flexible support for security policies into the linux operating system. In Proceedings of the Freenix Track of USENIX Technical Conference, June 2001."},{"key":"e_1_3_2_1_17_1","unstructured":"Bharat Mediratta. Gallery photo album organizer. http:\/\/gallery.menalto.com\/ 2004.  Bharat Mediratta. Gallery photo album organizer. http:\/\/gallery.menalto.com\/ 2004."},{"key":"e_1_3_2_1_18_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Newsome James","year":"2005","unstructured":"James Newsome and Dawn Song . Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software . In Proceedings of the Network and Distributed System Security Symposium , February 2005 . James Newsome and Dawn Song. Dynamic taint analysis for automatic detection, analysis, and signature generation of exploits on commodity software. In Proceedings of the Network and Distributed System Security Symposium, February 2005."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1145\/1063786.1063789"},{"key":"e_1_3_2_1_20_1","volume-title":"Proceedings of the Networked Systems Design and Implementation (NSDI)","author":"Pfaff Ben","year":"2006","unstructured":"Ben Pfaff , Tal Garfinkel , and Mendel Rosenblum . Virtualization aware file systems: Getting beyond the limitations of virtual disks . In Proceedings of the Networked Systems Design and Implementation (NSDI) , May 2006 . Ben Pfaff, Tal Garfinkel, and Mendel Rosenblum. Virtualization aware file systems: Getting beyond the limitations of virtual disks. In Proceedings of the Networked Systems Design and Implementation (NSDI), May 2006."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/155848.155861"},{"key":"e_1_3_2_1_22_1","volume-title":"Proceedings of the USENIX Large Installation Systems Administration Conference","author":"Price Daniel","year":"2004","unstructured":"Daniel Price and Andrew Tucker . Solaris zones : Operating system support for consolidating commercial workloads . In Proceedings of the USENIX Large Installation Systems Administration Conference , 2004 . Daniel Price and Andrew Tucker. Solaris zones: Operating system support for consolidating commercial workloads. In Proceedings of the USENIX Large Installation Systems Administration Conference, 2004."},{"key":"e_1_3_2_1_23_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267724.1267728"},{"key":"e_1_3_2_1_24_1","doi-asserted-by":"publisher","DOI":"10.1109\/JSAC.2002.806121"},{"key":"e_1_3_2_1_25_1","doi-asserted-by":"publisher","DOI":"10.1145\/319151.319159"},{"key":"e_1_3_2_1_26_1","volume-title":"http:\/\/linux-vserver.org\/Secure_chroot_Barrier, viewed","author":"Linux-Vserver Secure","year":"2007","unstructured":"Secure chroot barrier - Linux-Vserver . http:\/\/linux-vserver.org\/Secure_chroot_Barrier, viewed in Aug 2007 . Secure chroot barrier - Linux-Vserver. http:\/\/linux-vserver.org\/Secure_chroot_Barrier, viewed in Aug 2007."},{"key":"e_1_3_2_1_27_1","volume-title":"Application-level file system isolation. Master's thesis","author":"Shafique Fareha","year":"2007","unstructured":"Fareha Shafique . Application-level file system isolation. Master's thesis , University of Toronto , December 2007 . Fareha Shafique. Application-level file system isolation. Master's thesis, University of Toronto, December 2007."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1145\/1272996.1273025"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1145\/1024393.1024404"},{"key":"e_1_3_2_1_30_1","volume-title":"Proceedings of the Network and Distributed System Security Symposium","author":"Sun Weiqing","year":"2005","unstructured":"Weiqing Sun , Zhenkai Liang , R. Sekar , and V. N. Venkatakrishnan . One-way Isolation: An Effective Approach for Realizing Safe Execution Environments . In Proceedings of the Network and Distributed System Security Symposium , February 2005 . Weiqing Sun, Zhenkai Liang, R. Sekar, and V. N. Venkatakrishnan. One-way Isolation: An Effective Approach for Realizing Safe Execution Environments. In Proceedings of the Network and Distributed System Security Symposium, February 2005."},{"key":"e_1_3_2_1_31_1","unstructured":"Miklos Szeredi. File system in user space (FUSE). http:\/\/fuse.sourgeforge.net.  Miklos Szeredi. File system in user space (FUSE). http:\/\/fuse.sourgeforge.net."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1145\/224056.224070"},{"key":"e_1_3_2_1_33_1","volume-title":"Black Hat USA 2007","author":"Thiel David","year":"2007","unstructured":"David Thiel . Exposing vulnerabilities in media software . Black Hat USA 2007 , http:\/\/www.blackhat.com\/html\/bh-usa-07\/bh-usa-07-speakers.html#thiel, August 2007 . David Thiel. Exposing vulnerabilities in media software. Black Hat USA 2007, http:\/\/www.blackhat.com\/html\/bh-usa-07\/bh-usa-07-speakers.html#thiel, August 2007."},{"key":"e_1_3_2_1_34_1","volume-title":"December","author":"Verma Surendra","year":"2005","unstructured":"Surendra Verma and Charles Torre . Vista transactional file system , December 2005 . http:\/\/channel9.msdn.com\/Showpost.aspx?postid=142120. Surendra Verma and Charles Torre. Vista transactional file system, December 2005. http:\/\/channel9.msdn.com\/Showpost.aspx?postid=142120."},{"key":"e_1_3_2_1_35_1","doi-asserted-by":"publisher","DOI":"10.1145\/319151.319158"},{"key":"e_1_3_2_1_36_1","volume-title":"March","author":"Wagner David","year":"2002","unstructured":"David Wagner and Dean Tribble . A security architecture of the combex darpabrowser architecture , March 2002 . http:\/\/www.combex.com\/papers\/darpa-review\/security-review.pdf. David Wagner and Dean Tribble. A security architecture of the combex darpabrowser architecture, March 2002. http:\/\/www.combex.com\/papers\/darpa-review\/security-review.pdf."},{"key":"e_1_3_2_1_38_1","doi-asserted-by":"publisher","DOI":"10.5555\/1267308.1267327"},{"key":"e_1_3_2_1_39_1","first-page":"217","volume-title":"Proceedings of the IEEE Dependable Systems and Networks","author":"Zhu Ningning","year":"2003","unstructured":"Ningning Zhu and Tzi-Cker Chiueh . Design, implementation , and evaluation of repairable file service . In Proceedings of the IEEE Dependable Systems and Networks , pages 217 -- 226 , June 2003 . Ningning Zhu and Tzi-Cker Chiueh. Design, implementation, and evaluation of repairable file service. In Proceedings of the IEEE Dependable Systems and Networks, pages 217--226, June 2003."}],"event":{"name":"Eurosys '08: Eurosys 2008 Conference","location":"Glasgow Scotland UK","acronym":"Eurosys '08","sponsor":["SIGOPS ACM Special Interest Group on Operating Systems","ACM Association for Computing Machinery"]},"container-title":["Proceedings of the 3rd ACM SIGOPS\/EuroSys European Conference on Computer Systems 2008"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1352592.1352603","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/1352592.1352603","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T09:56:19Z","timestamp":1750240579000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/1352592.1352603"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2008,4]]},"references-count":38,"alternative-id":["10.1145\/1352592.1352603","10.1145\/1352592"],"URL":"https:\/\/doi.org\/10.1145\/1352592.1352603","relation":{"is-identical-to":[{"id-type":"doi","id":"10.1145\/1357010.1352603","asserted-by":"object"}]},"subject":[],"published":{"date-parts":[[2008,4]]},"assertion":[{"value":"2008-04-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}