Confirmed users
717
edits
Security/ProcessIsolation/ThreatModel: Difference between revisions
Security/ProcessIsolation/ThreatModel (view source)
Revision as of 22:52, 7 April 2009
, 7 April 2009→System Compromise
| Line 10: | Line 10: | ||
Compromise the underlying system and achieve malicious code execution with full user privileges. | Compromise the underlying system and achieve malicious code execution with full user privileges. | ||
==== Threats ==== | |||
* code execution in a privileged process (inc. a library it loads) could result in direct system compromise | |||
* isolated process could trick a privileged process to perform an attack on its behalf (write a file to an arbitrary location on disk, write a registry entry, launch a process, open a socket, etc) | |||
* flaws in system services could be exploited from an isolated process | |||
=== System Data Theft === | === System Data Theft === | ||