Confirmed users
717
edits
Security/ProcessIsolation/ThreatModel: Difference between revisions
→Threats
| Line 21: | Line 21: | ||
*process could take advantage of race conditions to modify a system call / message between the time a security check is performed and the API is actually called | *process could take advantage of race conditions to modify a system call / message between the time a security check is performed and the API is actually called | ||
*process could take advantage of interprocess communications to executed code within an elevated context (see: http://en.wikipedia.org/wiki/Shatter_attack for an example) | *process could take advantage of interprocess communications to executed code within an elevated context (see: http://en.wikipedia.org/wiki/Shatter_attack for an example) | ||
*different resources or types of file systems may not be protected from direct access by low-privilege processes, due to lack of support for security descriptors (ex. FAT and FAT32: http://dev.chromium.org/developers/design-documents/sandbox#TOC-The-token) | |||
==System / Local Network Data Theft== | ==System / Local Network Data Theft== | ||