Security/ProcessIsolation/ThreatModel: Difference between revisions

Line 21: Line 21:
*process could take advantage of race conditions to modify a system call / message between the time a security check is performed and the API is actually called
*process could take advantage of race conditions to modify a system call / message between the time a security check is performed and the API is actually called
*process could take advantage of interprocess communications to executed code within an elevated context (see: http://en.wikipedia.org/wiki/Shatter_attack for an example)
*process could take advantage of interprocess communications to executed code within an elevated context (see: http://en.wikipedia.org/wiki/Shatter_attack for an example)
*different resources or types of file systems may not be protected from direct access by low-privilege processes, due to lack of support for security descriptors (ex. FAT and FAT32: http://dev.chromium.org/developers/design-documents/sandbox#TOC-The-token)


==System / Local Network Data Theft==
==System / Local Network Data Theft==
Confirmed users
717

edits