Apple sandbox testing

No-one knows how to design truly secure software. Any sufficiently complex program will contain vulnerabilities that a motivated attacker can abuse to subvert its execution. Accepting this reality, the focus of the last few decades has been on exploit mitigation techniques such as Address Space Layout Randomisation (ASLR) and Data Execution Prevention (DEP), which raise the difficulty and cost of an attack without removing the underlying bug. Sandboxing takes a complementary approach: it aims to reduce the damage a successful attack can do to the host system. On traditional UNIX systems a program runs as a user (discretionary access control, DAC) and inherits all of that user's capabilities and permissions, most of which the executing program never actually needs. Sandboxing, a form of mandatory access control (MAC), instead applies a per-application security policy that limits the actions a program may take and the resources it may access; the goal is to make what a program can do match what it was designed to do.
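As an added example (not part of the original page), the following script shows the DAC versus MAC distinction on a macOS host using the Seatbelt profile language (SBPL) and `sandbox-exec`. The profile keeps the DAC default, so `cat` can read anything the invoking user can read, and layers one mandatory deny on top of it for `/etc/passwd` (listed under both its symlink and its resolved `/private/etc` path, since policy decisions are made on the vnode path). The profile text, the `run_sandboxed` helper and its `allowed`/`denied`/`skipped` return convention are this example's own; `sandbox-exec` is deprecated by Apple but still ships with macOS, and on any host without it the helper reports `skipped` rather than failing.

```shell
#!/bin/sh
# Added example: a Seatbelt (SBPL) profile with a single mandatory deny on
# top of the user's normal DAC permissions. Everything below is constructed
# for illustration; it is not code from the original page.

# (allow default) preserves DAC behaviour; the deny rule is the MAC layer.
# Both spellings of the path are listed because /etc is a symlink to
# /private/etc and Seatbelt matches on the resolved path.
SANDBOX_PROFILE='(version 1)
(allow default)
(deny file-read* (literal "/etc/passwd") (literal "/private/etc/passwd"))'

# run_sandboxed PATH
#   Runs `/bin/cat PATH` under SANDBOX_PROFILE and prints one word:
#   allowed  - cat succeeded, so the policy permitted the read
#   denied   - cat failed (EPERM from the sandbox), so the policy blocked it
#   skipped  - sandbox-exec is not installed on this host (e.g. Linux)
run_sandboxed() {
    if ! command -v sandbox-exec >/dev/null 2>&1; then
        echo skipped
        return 0
    fi
    if sandbox-exec -p "$SANDBOX_PROFILE" /bin/cat "$1" >/dev/null 2>&1; then
        echo allowed
    else
        echo denied
    fi
}

# Demonstration: the same user, the same binary, two different outcomes
# decided by policy rather than by file ownership or mode bits.
main() {
    echo "/etc/hosts   -> $(run_sandboxed /etc/hosts)"    # allowed under DAC
    echo "/etc/passwd  -> $(run_sandboxed /etc/passwd)"   # denied by the MAC rule
}

# Only run the demo when executed directly, not when sourced for testing.
case "$0" in
    *sh) ;;  # sourced by an interactive shell or the test harness
    *) main ;;
esac
```

Outside the sandbox `cat /etc/passwd` succeeds because the file is world-readable under DAC; inside it the same user gets "Operation not permitted", and the kernel's Sandbox subsystem logs a `deny(1) file-read-data /private/etc/passwd` line for `cat` that you can watch with `log stream` while the command runs. A production profile would normally invert the default to `(deny default)` and whitelist only what the program was made to do; that requires additional allow rules for dyld, the shared cache and the binary itself, which is why this example keeps `(allow default)` and shows the mechanism on a single path.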