IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sandbox]

A sandbox is a security mechanism for containing and restricting untrusted programs. Such programs could contain malicious code, which would otherwise harm the user's system.

195 questions
6
votes
2 answers

Information Transfer Between Browsers and Tabs

Is it possible for a webpage to detect or otherwise be aware of what other tabs in the same browser, or even other open webpages in other browsers are doing or transmitting? I am well aware of cookies, and their ability to store information placed…
user58446
  • 513
  • 6
  • 13
6
votes
3 answers

Wine or sandboxie as sandboxes

I'm looking for a sandbox for Windows. I've looked at sandboxie but I don't know if it delivers what it promises. Is it actually safer to run programs inside sandboxie ? I know a full-blown VM could kill the problem but I was interested in a more…
user20254
6
votes
1 answer

How to restrict dlopen() from or to certain paths?

If I want to disable execution of programs on a filesystem, I can use the noexec mount option. However, this doesn’t works with dynamic libraries loaded throughdlopen(). So what is the way to do it with nacl or seccomp ? (this is for untrusted…
user2284570
  • 1,402
  • 1
  • 14
  • 33
6
votes
4 answers

How to detect malicious JavaScript in a PDF file?

Is having any JavaScript in a PDF file by definition dangerous or is it only dangerous when specific functions (for example eval) are used inside a PDF, in which case, what JavaScript functions are dangerous in a PDF? In other words: When should…
Bob Ortiz
  • 6,234
  • 8
  • 43
  • 90
6
votes
1 answer

What are the appropriate steps to take after installing a questionable Android app?

Situation: User installed an Android app from the Google Play Store. User's device is rooted, but that app does not have root privileges. XPrivacy reveals that the app is trying to make IPC (inter-process communication) calls that do not seem…
RockPaperLz- Mask it or Casket
  • 3,114
  • 21
  • 50
5
votes
2 answers

Are there cases where malicious scripts on websites breached the sandbox of a browser so that files on the user's computer could be accessed?

Whenever a hosted script on a website tries to access a file on a user's computer the sandbox prevents it, but has there been any documented case where this sandbox obstacle was somehow overcome by the script?
Alexander Kalian
  • 553
  • 4
  • 10
5
votes
2 answers

How do I montior exactly what a program does?

I would like to run some program, preferably in a sandbox, and see exactly what it does/did. I'm currently puzzled by disk access and network, since there's so much other stuff happening there at the same time. I'm mostly curious about Windows, but…
Filip Haglund
  • 1,593
  • 1
  • 11
  • 20
5
votes
1 answer

Does sandboxie "grab" all the system calls?

Sandboxie: http://www.sandboxie.com Does sandboxie "grab" all the system calls, e.g.: filesystem calls? Or it "grabs" all the low level calls from a process?
LanceBaynes
  • 6,149
  • 11
  • 60
  • 91
5
votes
1 answer

Web Assembly Security

I'm excited about the prospects of web-assembly for the future, but I'm curious if this will have the same security ramifications of Java Applets. What are some of the reasons why web assembly is expected to be more secure than Java Applets? (Isn't…
JacKeown
  • 153
  • 4
5
votes
1 answer

VM vs System Call Interposition vs Software Fault Isolation

I have an exe file that I don't trust (maybe its infected with malware). I know that running it in a VM will isolate the exe file from my system, but what about using mechanisms such as System Call Interposition or Software Fault Isolation? Is…
Zorx
  • 51
  • 1
5
votes
3 answers

Can someone read a iOS class variable from outside the app?

a class variable like this: @property (strong, nonatomic) NSString *privateValue; Can someone read the value of that variable while it´s in memory? I can´t find anything about this on the apple docs and I also lack the understanding. Can someone…
dan
  • 53
  • 1
  • 7
4
votes
0 answers

How to indicate that content in an iframe is untrusted

As part of a website I am developing, untrusted content is displayed in a sandboxed iframe. The content is loaded using the srcdoc attribute, but the iframe is sandboxed using sandbox="allow-scripts", so the untrusted content does not have…
firefoxuser_1
  • 141
  • 2
4
votes
1 answer

Are there any known breaches of the .NET AppDomain isolation?

.NET AppDomains provide several levels of isolation for untrusted or partially trusted code. The AppDomain sandbox is widely deployed in ASP.NET and Silverlight, although only the latter of these is designed to isolate completely untrusted code from…
RomanSt
  • 1,180
  • 9
  • 25
4
votes
2 answers

Wrapping system call (in reliable and secure way)

It there reliable method of "wrapping" system calls under Linux ? (Like LD_PRELOAD for wrapping shared library function calls.) Is there reliable, secure method of "wrapping" system calls (and, maybe receiving signals), that process can not break…
Grzegorz Wierzowiecki
  • 657
  • 1
  • 6
  • 15
4
votes
1 answer

What security problems does copying .Xauthority to another user present?

If I want to use a GUI application with another user (example: webbrowser), I can copy the .Xauthority file to that given user's home then I can "su - user" and start the GUI app. Question: but what security problems does this bring?
freaking-good-question
  • 191
  • 5
1 2 3
12 13