Confirmed users
717
edits
Security/ProcessIsolation/ThreatModel: Difference between revisions
→Threats
| Line 22: | Line 22: | ||
*process could take advantage of interprocess communications to executed code within an elevated context (see: http://en.wikipedia.org/wiki/Shatter_attack for an example) | *process could take advantage of interprocess communications to executed code within an elevated context (see: http://en.wikipedia.org/wiki/Shatter_attack for an example) | ||
*different resources or types of file systems may not be protected from direct access by low-privilege processes, due to lack of support for security descriptors (ex. FAT and FAT32: http://dev.chromium.org/developers/design-documents/sandbox#TOC-The-token) | *different resources or types of file systems may not be protected from direct access by low-privilege processes, due to lack of support for security descriptors (ex. FAT and FAT32: http://dev.chromium.org/developers/design-documents/sandbox#TOC-The-token) | ||
*a restricted process must lower privilege effectively after boostrapping, and close any open privileged resources beforehand | |||
==System / Local Network Data Theft== | ==System / Local Network Data Theft== | ||