A Secure Environment for Untrusted Helper Applications (Confining the Wily Hacker)
نویسندگان
چکیده
Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises signi cant security concerns. Therefore, it is desirable to create a secure environment to contain untrusted helper applications. We propose to reduce the risk of a security breach by restricting the program's access to the operating system. In particular, we intercept and lter dangerous system calls via the Solaris process tracing facility. This enabled us to build a simple, clean, user-mode implementation of a secure environment for untrusted helper applications. Our implementation has negligible performance impact, and can protect pre-existing applications.
منابع مشابه
A Secure Environment for Untrusted Helper Applications Connning the Wily Hacker
Many popular programs, such as Netscape, use un-trusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises sig-niicant security concerns. Therefore, it is desirable to create a secure environment to contai...
متن کاملA Secure Environment for Untrusted Helper Applications
Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises signi cant security concerns. Therefore, it is desirable to create a secure environment to contain ...
متن کاملFighting the Wily Hacker: Modeling Information Security Issues for On-line Financial Institutions using the SEAS Environment
متن کامل
A Secure Jailing System for Confining Untrusted Applications
System call interception based jailing is a well-known method for confining (sandboxing) untrusted binary applications. Existing systems that are implemented using standard UNIX debugging mechanisms are rendered insecure by several race conditions. This paper gives an overview of the most important threats to jailing systems, and presents novel mechanisms for implementing jailing securely on st...
متن کاملResearch Directions for Network Intrusion Recovery
One of the most significant unsolved problems for network managers and system administrators is how to repair a network infrastructure after discovering evidence of an extensive compromise. The technical issues are compounded by a breathtaking variety of human factors. We highlight lessons learned from three real, significant, and recent intrusion incidents. We do so as a way to expose the diff...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 1996