S3 Lab - Software & Systems Security Laboratory
Shear logo


The Shear project creates a secure environment for the least-authority execution of over-privileged applications that may be exploited by adversaries to launch privileged attacks. We use advanced program analysis and operating systems techniques to extract the minimal authority of a program and enforce it at run-time.

Available Work

  • PoLPer: a least-privilege enforcement tool for setuid calls (paper)

Ongoing Work

  • XCap