Confirmed users
717
edits
Security/ProcessIsolation/ThreatModel: Difference between revisions
Security/ProcessIsolation/ThreatModel (view source)
Revision as of 22:54, 7 April 2009
, 7 April 2009→System Compromise
| Line 11: | Line 11: | ||
Compromise the underlying system and achieve malicious code execution with full user privileges. | Compromise the underlying system and achieve malicious code execution with full user privileges. | ||
<b>Threats<b> | <b>Threats</b> | ||
* code execution in a privileged process (inc. a library it loads) could result in direct system compromise | * code execution in a privileged process (inc. a library it loads) could result in direct system compromise | ||
* isolated process could trick a privileged process to perform an attack on its behalf (write a file to an arbitrary location on disk, write a registry entry, launch a process, open a socket, etc) | * isolated process could trick a privileged process to perform an attack on its behalf (write a file to an arbitrary location on disk, write a registry entry, launch a process, open a socket, etc) | ||