SystemsSec 2018W Lecture 12
Potential Assignment Topics:
- What does it buy you?
- What can’t it do?
- Memory corruption
- Logic errors
- Back doors
- Query is unsanitized
In the browser what interpreters do we have?
What does it mean to exploit it?
- To use a vulnerability to your advantage
In the webpage, there are all kinds of content. There are advertisements, search bars, twitter feeds, facebook like buttons, etc.
Everything on a webpage has access to the document object model.
Setuid programs -> How much do you have to trust?
Anyone that you allow to become root can do way too much.
- Happened during the days of myspace
- Forces users to send samy a friend request
In the comment section, there is a possibility of malicious code.
- Have the victim visit a random webpage
- Have the ability to make your web browser do all sorts of network traffic
You can pull any arbitrary content over the internet and stick it into a webpage.
- Stored on the web browser
- Remembers information about the person browsing the website
Some websites let you stay logged in for a long time. Some don’t.
XML HTTP Request -> Developed by microsoft
Why did microsoft do this?
- Outlook client access
What people want to do with the web impacts security design.
Can you embed arbitrary html in facebook? -> No
Either you filter out the bad things, or you escape the bad things.
How can we minimize people from running code on your web browser?
- Idea of least privilege
Same Origin Policy
- The only person that is allowed to get access to your web browser is the origin server.
- Prevents stuff from coming from arbitrary sources
- It does not help with you visiting untrusted sources
- Keeps a list of who is trusted and who is not trusted
Web browsers -> The modern operating system
Web browsers have a different trust model than the operating system does.
Web browsers sandboxes code
Phone operating systems:
- Deal with similar threat model to the web
IOS strategy for dealing with threats:
- Sandbox the hell out of everything
- Access control using capabilities list
Everytime you install an app on android, it would need to do a security analysis. You would get questions regarding your current location, camera access, microphone access, etc. Why does it do that? For advertisement content.
Snaps and flat packs
- Standards for packaging linux applications to run on systems.
- They also include sandboxing
If you want to run skype on your linux system, you can get a “snap” for it. But you have to install it on classic mode.
How are you going to make sure that you are going to be provided with safety while running untrusted code?
- Access control
Usability of security systems
- What can we do to restrict people from putting arbitrary code onto the website you are visiting?
- What is browser exploit? How do we prevent it?
- What is the problem with fine grained permissions?