Can LUA guarantee service isolation?
2 posters
Page 1 of 1
Can LUA guarantee service isolation?
After careful reading of the second post of this topic : http://sandboxie.com/phpbb/viewtopic.php?t=7014 it seems that many of my fears about sandboxie x64 have been put to rest.
ssj, since you're an expert on LUA matters, I wanted to know if:
* LUA prevents sandboxed programs from starting and terminating services already present on a pc.
* LUA prevents sandboxed programs from creating their own services.
* LUA prevents sandboxed programs from modifying an piggybacking on already present services.
Cheers,
Rico
tzuk wrote:File-system, registry access and cross-process manipulation in the 64-bit version is subject to strong protection which is provided by kernel mode code, just like the 32-bit version.
However, as described in the WindowsVista64 page, the 64-bit version of Sandboxie cannot use kernel mode supervision to guarantee that software in the sandbox does not connect to a service outside the sandbox. Such connections are protected only at the application level.
For this reason, the Drop Rights option is enabled by default in the 64-bit version of Sandboxie.
ssj, since you're an expert on LUA matters, I wanted to know if:
* LUA prevents sandboxed programs from starting and terminating services already present on a pc.
* LUA prevents sandboxed programs from creating their own services.
* LUA prevents sandboxed programs from modifying an piggybacking on already present services.
Cheers,
Rico
Rico- Advanced Member
- Posts : 118
Join date : 2010-06-18
Re: Can LUA guarantee service isolation?
Hi Rico, I'm not really an expert, but I'll give it my best shot answering your questions. p2u (or tzuk) is probably the expert you're after though haha.
However, the big question is what happens in a Privilege Escalation Exploit to sandboxed programs? For 32-bit, I am fairly sure that everything would still be contained. However, on 64-bit, I'm less sure. Remember, with a Privilege Escalation Exploit, the sandboxed programs may be able to run with Administrator or System rights. The way I understand it, at this stage, the user would need to rely on Sandboxie's protection.
I think LUA generally prevents programs (and the user) from starting and terminating services. I'm not 100% sure if LUA will prevent this within the sandbox though, but I would be surprised if a program running sandboxed could start/terminate services in an LUA. After all, a sandboxed program is simply another process running in the LUA with the rights of the LUA.Rico wrote:* LUA prevents sandboxed programs from starting and terminating services already present on a pc.
Similar to above.Rico wrote:* LUA prevents sandboxed programs from creating their own services.
This one I'm not so sure about, but again, if you think that sandboxed programs are running with the user's rights, then these sandboxed programs must have "limited rights" just like unsandboxed programs. Therefore, they should be unable to modify already running services. I'm not exactly sure what "piggybacking" is though. Is it that the sandboxed program could "take control over" the service? If so, I doubt it would be able to do so in a LUA.Rico wrote:* LUA prevents sandboxed programs from modifying an piggybacking on already present services.
However, the big question is what happens in a Privilege Escalation Exploit to sandboxed programs? For 32-bit, I am fairly sure that everything would still be contained. However, on 64-bit, I'm less sure. Remember, with a Privilege Escalation Exploit, the sandboxed programs may be able to run with Administrator or System rights. The way I understand it, at this stage, the user would need to rely on Sandboxie's protection.
Page 1 of 1
Permissions in this forum:
You cannot reply to topics in this forum
|
|