canmove, Confirmed users
1,220
edits
Security/Sandbox/IPCguide: Difference between revisions
→Background: How is a browser compromised?
Ptheriault (talk | contribs) (initial import from gdocs) |
Ptheriault (talk | contribs) |
||
| Line 10: | Line 10: | ||
For escalation of privileges, different routes are possible. The basic gist behind this step is to attack a component of the system with higher privileges. | For escalation of privileges, different routes are possible. The basic gist behind this step is to attack a component of the system with higher privileges. | ||
[[File:SandboxEscape.png]] | |||
As shown above, one route is to attack the kernel, however there is not much Mozilla can do to improve the security other than restricting access to the kernel (an improvement currently being integrated into the sandbox). | As shown above, one route is to attack the kernel, however there is not much Mozilla can do to improve the security other than restricting access to the kernel (an improvement currently being integrated into the sandbox). | ||