Thinking Security: Stopping Next Year's Hackers by Steven M. Bellovin

Author:Steven M. Bellovin [Bellovin, Steven M.]
Language: eng
Format: epub, pdf
Tags: computers, Security, General, Networking, Vendor Specific
ISBN: 9780134278230
Google: r3seCwAAQBAJ
Publisher: Addison Wesley
Published: 2015-12-03T00:31:57.519551+00:00

10.3 Sandboxes

Sandboxing, sometimes known as jailing, is a class of techniques designed to limit the access rights—the effective target environment—of a program. The intent, of course, is to limit the damage that that program can do if it is evil, infected, or subverted. The concept has been around for many years. Bill Cheswick used a jail (and apparently coined the usage) when we were monitoring the attacker he dubbed “Berferd” [Cheswick 1992; Cheswick 2010; Cheswick and Bellovin 1994]. Cheswick’s fundamental isolation primitive was chroot(), a system call that has been in Unix since the late 1970s. Sandboxing has become of much more interest in the last few years, since both Microsoft and Apple have made it a central part of their desktop architectures, most notably for browsers but also for other high-risk applications.

Download

Copyright Disclaimer:
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.