Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools
نویسنده
چکیده
منابع مشابه
Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools
System call interposition is a powerful method for regulating and monitoring application behavior. In recent years, a wide variety of security tools have been developed that use this technique. This approach brings with it a host of pitfalls for the unwary implementer that if overlooked can allow his tool to be easily circumvented. To shed light on these problems, we present the lessons we lear...
متن کاملPractical and Effective Sandboxing for Non-root Users
MBOX is a lightweight sandboxing mechanism for nonroot users in commodity OSes. MBOX’s sandbox usage model executes a program in the sandbox and prevents the program from modifying the host filesystem by layering the sandbox filesystem on top of the host filesystem. At the end of program execution, the user can examine changes in the sandbox filesystem and selectively commit them back to the ho...
متن کاملNew approaches to operating system security extensibility
This dissertation proposes new approaches to commodity computer operating system (OS) access control extensibility that address historic problems with concurrency and technology transfer. Access control extensibility addresses a lack of consensus on operating system policy model at a time when security requirements are in flux: OS vendors, anti-virus companies, firewall manufacturers, smart pho...
متن کاملOperating System Support for Process Confinement
Execution of untrusted software can compromise a whole system. Tools for restricting access of software to system resources are essential for security maintenance. Operating systems should offer functionality for building tools which could run in user mode with no special privileges while providing full access control. Thus, they could be made available to any user in the system. In this paper ...
متن کاملPaladin: Helping Programs Help Themselves with System Call Interposition
Today’s programs run in hostile environments. An adversary attacking a running process may radically alter the program’s course of execution. Such attacks will be of little value to the adversary unless he can cause the program to affect the outside world by executing a system call. A fruitful line of research on system call interposition has investigated using security checks on system calls t...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
عنوان ژورنال:
دوره شماره
صفحات -
تاریخ انتشار 2011