Security Model

Jerboa narrows risky boundaries, favors Rust for protocol and crypto edges, and ships explicit OS confinement modules.

HTTPSD

  • rustls TLS
  • Rust request parsing
  • duplicate Content-Length rejected
  • Transfer-Encoding rejected until supported
  • mTLS through client-ca:
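The two request-policy rules above (a second Content-Length is rejected, any Transfer-Encoding is rejected until supported) are the classic defence against request smuggling. As an added illustration, not Jerboa's own parser, the following Rust check enforces both over a header block; the type and function names are assumptions, and a Content-Length that is not a plain run of ASCII digits (for example a comma-separated list) is also rejected.

```rust
// Added example of a strict header policy, not code from libjerboa_native.
#[derive(Debug, PartialEq)]
pub enum Reject {
    DuplicateContentLength,
    BadContentLength,
    TransferEncodingUnsupported,
    MalformedHeader,
}

/// Validate the header lines of one request (everything after the request
/// line, before the blank line). On success, return the body length the
/// framing layer may trust; 0 when no Content-Length is present.
pub fn check_headers(headers: &[&str]) -> Result<u64, Reject> {
    let mut content_length: Option<u64> = None;
    for line in headers {
        let (name, value) = line.split_once(':').ok_or(Reject::MalformedHeader)?;
        let name = name.trim().to_ascii_lowercase();
        let value = value.trim();
        match name.as_str() {
            "content-length" => {
                // A second occurrence is rejected even if it repeats the same value.
                if content_length.is_some() {
                    return Err(Reject::DuplicateContentLength);
                }
                // Accept only ASCII digits: no sign, no list, no embedded whitespace.
                if value.is_empty() || !value.bytes().all(|b| b.is_ascii_digit()) {
                    return Err(Reject::BadContentLength);
                }
                let n: u64 = value.parse().map_err(|_| Reject::BadContentLength)?;
                content_length = Some(n);
            }
            // Chunked framing is not supported, so any Transfer-Encoding is refused
            // rather than silently ignored.
            "transfer-encoding" => return Err(Reject::TransferEncodingUnsupported),
            _ => {}
        }
    }
    Ok(content_length.unwrap_or(0))
}
```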

Native Boundary

Crypto, TLS, parser, compression, regex, packet, and selected OS features converge in libjerboa_native.

Operating System Controls

Landlock, seccomp, Capsicum, seatbelt, secure memory, audit, taint, and capability modules are available in-tree.

About WASM

Jerboa uses WASM when the security boundary is narrow enough to justify it, as in DNS parsing. HTTPSD starts with Rust parsing and strict request policy; a WASM parser can be added later if benchmarks and threat modeling justify the extra runtime boundary.