author | Kartik K. Agaram <vc@akkartik.com> | 2021-12-25 14:36:56 -0800 |
---|---|---|
committer | Kartik K. Agaram <vc@akkartik.com> | 2021-12-25 14:36:56 -0800 |
commit | ee66da41f53e1d23ff83cbca93fc10e8eee34945 (patch) | |
tree | cfb3d02a65de4b359eb0348d2902552e8c3ec762 | |
parent | 399fb500f488fdadb64bed62dbee591838d8636e (diff) | |
download | teliva-ee66da41f53e1d23ff83cbca93fc10e8eee34945.tar.gz |
sandbox: new scenario
-rw-r--r-- | sandboxing/README.md | 4 |
1 files changed, 4 insertions, 0 deletions
diff --git a/sandboxing/README.md b/sandboxing/README.md index ab3adf3..f73059c 100644 --- a/sandboxing/README.md +++ b/sandboxing/README.md @@ -44,6 +44,10 @@ Scenarios: allows an app to do anything. Educate people to separate apps that read sensitive data from apps that access remote servers. - (2) solution: map phases within an app to distinct permission sets + * app A legitimately needs to read sensitive data. It saves a copy to file + X. app B seems to legitimately needs to access the network, but also + asks to read file X. If the owner forgets who wrote file X and what it + contains, sensitive data could be exfiltrated. * (3) app wants access to system() or exec() or popen() Difficulty levels |
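Review bot: In the added scenario, "app B seems to legitimately needs to access the network" should read "seems to legitimately need to access the network". The new bullet also carries no number and no solution line, while the neighbouring entries read "(2) solution: ..." and "(3) app wants access ..."; consider numbering it to match and stating a mitigation, since as written the only safeguard is the owner remembering who wrote file X and what it contains.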