Efficient Software-Based Fault Isolation


1993 | Robert Wahbe, Steven Lucco, Thomas E. Anderson, Susan L. Graham
This paper presents a software-based approach to implementing fault isolation within a single address space. The code and data of a distrusted module are loaded into their own fault domain, a logically separate portion of the application's address space, and the module's object code is modified so that it cannot write or jump to an address outside that domain. The approach is portable and programming language independent, and offers a tradeoff relative to hardware fault isolation: substantially faster communication between fault domains at the cost of slightly increased execution time for distrusted modules.

The motivation is systems built from tightly-coupled modules, where hardware-based fault isolation is expensive because every cross-module call must cross a hardware protection boundary. Keeping all fault domains in one address space removes that boundary crossing and allows substantially lower-cost RPC between fault domains. Only distrusted modules pay the execution-time overhead of the inserted checks; trusted code runs unmodified, so the cost scales with the level of distrust rather than with the size of the whole application.

The authors' prototype imposes an average of 4% execution-time overhead on distrusted modules on both the DECstation and the Alpha. For frequently communicating modules, software-enforced fault isolation gives substantially better end-to-end performance than hardware isolation, which the paper demonstrates with the POSTGRES database system running the Sequoia 2000 benchmark. The paper also surveys related work, including other approaches to fault isolation and the limitations of hardware-based fault isolation, and concludes that software-enforced fault isolation is a viable alternative to hardware-based fault isolation, balancing performance against protection.
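Added example, not code from the paper or from this site: a toy rewriter and interpreter in C that illustrates the object-code transformation summarized above using the paper's address-sandboxing idea, in which the upper bits of every store and indirect-jump address are forced to the fault domain's segment through a register that the distrusted code is never allowed to touch. The instruction set, the segment layout (upper 12 bits of a 32-bit address), the register numbering, the memory model and the hostile module are all assumptions made for this illustration.

```c
/* Added example: software fault isolation by address sandboxing on a toy
 * RISC-like machine. Not code from the paper; ISA, segment layout and
 * register roles are assumptions made for illustration. */
#include <stdint.h>

#define SEG_SHIFT 20u                            /* segment id = upper 12 bits */
#define OFF_MASK  ((1u << SEG_SHIFT) - 1u)       /* 0x000FFFFF, offset in segment */
#define MAKE_ADDR(seg, off) (((uint32_t)(seg) << SEG_SHIFT) | (uint32_t)(off))
#define TRUSTED_SEG 0x7FFu                       /* memory the module must never touch */
#define WORDS 16

enum op { MOVI, ANDI, ORI, STORE, JMPR, HALT };
/* MOVI rd,imm; ANDI/ORI rd,rs,imm; STORE [rs] <- rd; JMPR rs; HALT */
typedef struct { enum op op; int rd, rs; uint32_t imm; } insn;
enum { R_DATA = 8, R_CODE = 9, NREG = 10 };      /* r8/r9 reserved for the sandbox */

enum { MAXI = 64 };
typedef struct { insn code[MAXI]; int n; } program;
typedef struct { uint32_t code_seg, data_seg; } domain;   /* one fault domain */
typedef struct { uint32_t domain_mem[WORDS], trusted_mem[WORDS]; int faults; } machine;

static void emit(program *p, enum op op, int rd, int rs, uint32_t imm) {
    if (p->n < MAXI) p->code[p->n++] = (insn){op, rd, rs, imm};
}

/* Rewriter. Before each store or indirect jump through rs it inserts
 *   r_ded = (rs & OFF_MASK) | (segment << SEG_SHIFT)
 * and makes the unsafe instruction use r_ded instead, so the address can
 * only ever name the domain's own segment. A module that names a dedicated
 * register itself is refused: the guarantee depends on it being unable to. */
int sandbox(const program *in, const domain *d, program *out) {
    out->n = 0;
    for (int i = 0; i < in->n; i++) {
        insn x = in->code[i];
        if (x.rd >= R_DATA || x.rs >= R_DATA) return -1;
        if (x.op == STORE) {
            emit(out, ANDI, R_DATA, x.rs, OFF_MASK);
            emit(out, ORI, R_DATA, R_DATA, d->data_seg << SEG_SHIFT);
            x.rs = R_DATA;
        } else if (x.op == JMPR) {
            emit(out, ANDI, R_CODE, x.rs, OFF_MASK);
            emit(out, ORI, R_CODE, R_CODE, d->code_seg << SEG_SHIFT);
            x.rs = R_CODE;
        }
        emit(out, x.op, x.rd, x.rs, x.imm);
    }
    return 0;
}

/* Interpreter. Instruction i of a program lives at code address
 * MAKE_ADDR(code_seg, 4*i). An escaped store or jump is counted in
 * m->faults (a store into the trusted segment is also performed, so the
 * damage done by an unsandboxed run is visible) instead of crashing. */
static void run(const program *p, const domain *d, machine *m) {
    uint32_t r[NREG] = {0};
    int pc = 0, steps = 0;
    while (pc >= 0 && pc < p->n && steps++ < 1000) {
        insn x = p->code[pc++];
        uint32_t a = r[x.rs], seg = a >> SEG_SHIFT, w = (a & OFF_MASK) / 4 % WORDS;
        switch (x.op) {
        case MOVI:  r[x.rd] = x.imm; break;
        case ANDI:  r[x.rd] = r[x.rs] & x.imm; break;
        case ORI:   r[x.rd] = r[x.rs] | x.imm; break;
        case STORE:
            if (seg == d->data_seg) m->domain_mem[w] = r[x.rd];
            else { m->faults++; if (seg == TRUSTED_SEG) m->trusted_mem[w] = r[x.rd]; }
            break;
        case JMPR:
            if (seg != d->code_seg) { m->faults++; return; }
            pc = (int)((a & OFF_MASK) / 4);
            break;
        case HALT:  return;
        }
    }
}

/* Constructed distrusted module: tries to overwrite word 3 of the trusted
 * segment, then to jump into it. The jump offset (36) is chosen so that,
 * once masked into the code segment, it lands on the HALT of the rewritten
 * module (index 9 after the two sandboxing sequences are inserted). */
static void hostile_module(program *p) {
    p->n = 0;
    emit(p, MOVI, 1, 0, 0xDEADBEEFu);
    emit(p, MOVI, 2, 0, MAKE_ADDR(TRUSTED_SEG, 12));
    emit(p, STORE, 1, 2, 0);
    emit(p, MOVI, 3, 0, MAKE_ADDR(TRUSTED_SEG, 36));
    emit(p, JMPR, 0, 3, 0);
    emit(p, HALT, 0, 0, 0);
}

typedef struct { int raw_faults, safe_faults; uint32_t domain_word3, trusted_word3; } result;

/* Runs the hostile module unmodified and then sandboxed, in the same domain. */
result demo(void) {
    domain d = { 0x200u, 0x100u };
    program raw, safe;
    machine raw_m = {{0}}, safe_m = {{0}};
    result res = {0, 0, 0, 0};
    hostile_module(&raw);
    run(&raw, &d, &raw_m);
    res.raw_faults = raw_m.faults;              /* 2: the store and the jump escape */
    if (sandbox(&raw, &d, &safe) != 0) { res.safe_faults = -1; return res; }
    run(&safe, &d, &safe_m);
    res.safe_faults = safe_m.faults;            /* 0: both were forced into the domain */
    res.domain_word3 = safe_m.domain_mem[3];    /* 0xDEADBEEF landed here instead */
    res.trusted_word3 = safe_m.trusted_mem[3];  /* 0: untouched */
    return res;
}

/* A module that loads a dedicated register itself must be refused. */
int rejects_dedicated_register(void) {
    program p, out;
    domain d = { 0x200u, 0x100u };
    p.n = 0;
    emit(&p, MOVI, R_DATA, 0, MAKE_ADDR(TRUSTED_SEG, 0));
    return sandbox(&p, &d, &out) == -1;
}
```

The unsandboxed run writes 0xDEADBEEF into the trusted segment and then jumps out of the domain (two faults); the sandboxed run performs the same instructions but the masked store lands in the domain's own data segment and the masked jump lands on the module's own HALT. Note the two properties the toy relies on and that the real transformation must also guarantee: the distrusted code can never load the dedicated registers, and every instruction stream entry point sees the sandboxing sequence before the unsafe instruction (a jump into the middle of the sequence would bypass it, which is why the mask-and-or is applied to jump targets as well).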
[slides and audio] Efficient software-based fault isolation