Confirmed users
717
edits
Security/ProcessIsolation/ThreatModel: Difference between revisions
Security/ProcessIsolation/ThreatModel (view source)
Revision as of 20:30, 17 June 2009
, 17 June 2009→Threats
| Line 33: | Line 33: | ||
*an isolated process could still open network connections to steal data from or attack local systems | *an isolated process could still open network connections to steal data from or attack local systems | ||
*an isolated process could behave like a keylogger to capture input for other tabs or FQDNs | *an isolated process could behave like a keylogger to capture input for other tabs or FQDNs | ||
*theft of local and network files via file:// and related schemes | |||
*theft of local data via direct access to database or database files | |||
==Cross-domain Compromise== | ==Cross-domain Compromise== | ||