Isolating Legacy Applications with Lind
Legacy applications, often written in C, can be riddled with bugs. Sarcastically referred to as “veritable bug ranches”, legacy applications of substantial size and complexity are still commonplace. In this dissertation, I motivate, build and evaluate Lind, a sandbox for legacy applications. Lind decreases the impact of buggy programs on the system that runs them. It does this without changing their code or destroying the non-functional characteristics of the programs—such as performance, portability, light-weightedness and ease of deployment—which are the primary motivators for legacy software written in C. Lind borrows many principles of secure system design to help it isolate legacy applications so they cannot impact the rest of the system. To assess Lind, I evaluate how well legacy applications perform in Lind, how strong Lind's isolation is, and how easy it is to port applications to Lind, and conclude that Lind is a viable proof-of-concept platform for legacy applications.