WebAssembly is a portable binary format first used to run existing C codebases like AutoCAD in the browser and to build cross-platform SDKs for services like Disney+.
WebAssembly ensures security by default through isolated linear memory for each module and control flow integrity that prevents unintended code execution paths.
.NET applications run on WebAssembly by compiling the .NET runtime (CLR) itself into a WASM module, which then interprets the standard .NET DLLs.
The WebAssembly System Interface (WASI) provides a standard API for running WASM modules outside the browser, enabling server-side applications with a capability-based security model.
A practical demonstration shows how a .NET application running on Wasmtime is denied file system access by default and requires explicit permissions to be granted.
This example demonstrates how to extend a .NET host application with a WebAssembly module written in Rust, while still enforcing strict, capability-based security policies.
The nano-process concept provides a fine-grained sandbox for each module, preventing malicious or vulnerable dependencies from gaining unauthorized access to system resources.
The security of the entire ecosystem relies on the runtime, and projects like Wasmtime use Rust, formal verification, and fuzzing to ensure its correctness and robustness.
30:58Edoardo Dusi
30:57Önder Ceylan
57:32Edoardo Dusi
57:45Rainer Stropek
27:27Stefan Schöberl
29:49Matt Butcher
58:53Akmal Chaudhri
26:59Jakub Andrzejewski
.webp?w=240&auto=compress,format)
Jobs that call for the skills explored in this talk.
Vesterling Consulting GmbH
ASM Assembly Systems GmbH & Co. KG
Vesterling Consulting GmbH
M&M Software GmbH
Sankt Georgen im Schwarzwald, Germany
Bite Client
Atlanta, United States of America