Application Sandbox Limitations
ثبت نشده
چکیده
منابع مشابه
USENIX Association Proceedings of the 9 th USENIX Security Symposium
Designing a suitable con nement mechanism to conne untrusted applications is challenging as such a mechanism needs to satisfy con icting requirements. The main trade-o is between ease of use and exibility. In this paper, we present the design, implementation and evaluation of MAPbox, a con nement mechanism that retains the ease of use of application-class-speci c sandboxes such as the Java appl...
متن کاملA Self-healing Component Sandbox for Untrustworthy Third Party Code Execution
This paper presents an architecture and implementation of a selfhealing sandbox for the execution of third party code dynamically loaded which may potentially put in risk application stability. By executing code in a fault contained sandbox, no faults are propagated to the trusted part of the application. The sandbox is monitored by a control loop that is able to predict and avoid known types o...
متن کاملPyBox - A Python Sandbox
The application of dynamic malware analysis in order to automate the monitoring of malware behavior has become increasingly important. For this purpose, so-called sandboxes are used. They provide the functionality to execute malware in a secure, controlled environment and observe its activities during runtime. While a variety of sandbox software, such as the GFI Sandbox (formerly CWSandbox) or ...
متن کاملsecmodel sandbox : An application sandbox for NetBSD (draft)
We introduce a new security model for NetBSD – secmodel sandbox – that allows per-process policies for restricting privileges. Privileges correspond to kauth authorization requests, such as a request to create a socket or read a file, and policies specify the sandbox’s decision: deny, defer, or allow. Processes may apply multiple sandbox policies to themselves, in which case the policies stack,...
متن کاملDynSec: On-the-fly Code Rewriting and Repair
Security patches protect an application from discovered vulnerabilities and should be applied as fast as possible. On the other hand, patching the application reduces the availability of the service due to the necessary restart. System administrators need to balance system availability with a potential compromise of system integrity. A dynamic software update mechanism applies security updates ...
متن کامل