Security/ProcessIsolation/ThreatModel: Difference between revisions

Jump to navigation Jump to search

Security/ProcessIsolation/ThreatModel (view source)

Revision as of 18:52, 21 May 2009

171 bytes added ,  21 May 2009
→‎Threats
Line 20: Line 20:
*process could import an external library and call its functions
*process could import an external library and call its functions
*process could take advantage of race conditions to modify a system call / message between the time a security check is performed and the API is actually called
*process could take advantage of race conditions to modify a system call / message between the time a security check is performed and the API is actually called
*process could take advantage of interprocess communications to executed code within an elevated context (see: http://en.wikipedia.org/wiki/Shatter_attack for an example)


==System / Local Network Data Theft==
==System / Local Network Data Theft==
Ladamski
Confirmed users
717

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/145263"

Navigation menu