The Shear project creates a secure environment for the least-authority execution of over-privileged applications that may be exploited by adversaries to launch privileged attacks. We use advanced program analysis and operating systems techniques to extract the minimal authority of a program and enforce it at run-time.

Available Work

• PoLPer: a least-privilege enforcement tool for setuid calls (paper)