A secure environment for untrusted helper applications confining the Wily Hacker 论文

摘要

Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises significant security concerns. Therefore, it is desirable to create a secure environment to contain untrusted helper applications. We propose to reduce therisk of a security breachby restricting the program's access to the operating system. In particular, we intercept and filter dangerous system calls via the Solaris process tracing facility. This enabled us to build a simple, clean, user-mode implementation of as ecure environment for untrusted helper applications. Our implementation has negligible performance impact, and can protect pre-existing applications.