A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities

Proceedings of the Symposium on Network and Distributed System Security, NDSS 2005

Volumn , Issue , 2005, Pages

  Chen, Shuo ^a   Dunagan, John ^b   Verbowski, Chad ^b   Wang, Yi Min ^b  

^a UNIVERSITY OF ILLINOIS AT URBANA CHAMPAIGN   (United States)

^b NONE

Author keywords

[No Author keywords available]

Indexed keywords

BLACK BOX TRACING; HELP SYSTEMS; LEAST PRIVILEGE; LOCAL SYSTEM; REAL-WORLD; SYSTEM ADMINISTRATORS; SYSTEMS POLICIES; TRACING TECHNIQUE; USER LEVELS; WINDOW SYSTEM;

EID: 72249103625     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (34)

1. A. Acharya and M. Raje. MAPbox: Using Parameterized Behavior Classes to Confine Untrusted Applications. USENIX Security 2000.
2. K. Ashcraft and D. Engler. Using Programmer-Written Compiler Extensions to Catch Security Holes. IEEE Security and Privacy 2002.
3. T. Ball. Abstraction-guided Test Generation: A Case Study, Microsoft Research Technical Report, MSR-TR-2003-86, November 2003.
4. K. Brown. Keith's Security Hall of Shame. http://www.pluralsight.com/keith/hallofshame/default.htm.
5. D. Brumley and D. Song. Privtrans: Automatically partitioning Programs for Privilege Separation. USENIX Security 2004.
6. M. E. Carson. Sendmail without the Superuser. USENIX Security 1993.
7. CERT. Advisory CA-2004-02 Email-borne Viruses. http://www.cert.org/advisories/CA-2004-02.html.
8. CERT. AOL Instant Messenger client for Windows contains a buffer overflow while parsing TLV 0x2711 packets. http://www.kb.cert.org/vuls/id/907819.
9. CERT. Critical Vulnerabilities in Microsoft Windows. http://www.us-cert.gov/cas/techalerts/TA04-212A.html.
10. CERT. Internet Explorer Update to Disable ADODB.Stream ActiveX Control. http://www.uscert.gov/cas/techalerts/TA04-184A.html.
11. H. Chen, D. Wagner, and D. Dean. Setuid demystified. USENIX Security 2002.
12. C. Cowan, S. Beattie, G. Kroah-Hartman, C. Pu, P. Wagle, and V. Gligor. SubDomain: Parsimonious Server Security. LISA 2000.
13. C. Evans. Very secure FTP daemon. http://vsftpd.beasts.org.
14. T. Garfinkel. Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools. NDSS 2003.
15. T. Garfinkel, B. Pfaff, J. Chow, M. Rosenblum, and D. Boneh. Terra: A Virtual Machine-Based Platform for Trusted Computing. SOSP 2003.
16. A. Gotlieb, B. Botella, and M. Rueher. Automatic test data generation using constraint solving techniques. In Proceedings of the International Symposium on Software Testing and Analysis, pages 53-62. ACM, 1998.
17. D. GUI. Debugging Permissions Problems. http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnaskdr/html/askgui03272001.asp.
18. M. Howard, J. Pincus, and J. Wing. Measuring Relative Attack Surfaces. Proceedings of Workshop on Advanced Developments in Software and Systems Security, Taipei, December 2003. Also CMU-CS-03-169 Technical Report, August 2003.
19. D. Jackson and M. Vaziri. Finding bugs with a constraint solver. In Proceedings of the International Symposium on Software Testing and Analysis, pages 14-25. ACM, 2000.
20. P. A. Loscocco and S. D. Smalley. Meeting Critical Security Objectives with Security-Enhanced Linux. In the Proceedings of the 2001 Ottawa Linux Symposium, July 2001.
21. Microsoft. Certain Programs Do Not Work Correctly If You Log On Using a Limited User Account. http://support.microsoft.com/default.aspx?scid=kb;enus;307091.
22. Microsoft. Retrieving the Properties of a Connection (VBScript). http://msdn.microsoft.com/library/default.asp?url=/library/en-us/ics/ics/retrieving the properties_of_a_connection_vbscript_.asp.
23. T. Oetiker. MSI Packaging How-to. http://isg.ee.ethz.ch/tools/realmen/det/msi.en.html.
24. P. Proctor. Hardening Windows NT Against Attack. http://www.secinf.net/windows security/Hardening Windows NT Against Attack.html.
25. N. Provos. Improving Host Security with System Call Policies. USENIX Security 2003.
26. N. Provos, M. Friedl, and P. Honeyman. Preventing Privilege Escalation. USENIX Security 2003.
27. P. Provost. Non-Admin Development in VS.NET 2003. http://www.peterprovost.org/archive/2004/11/01/2040.aspx.
28. T. Rhodes. FreeBSD Handbook, Chapter 15: Mandatory Access Control, http://www.freebsd.org/doc/en US.ISO8859-1/books/handbook/mac.htmlciteseer.nj.nec.com/ganesh03peertopeer.html.
29. S. Saroiu, S. D. Gribble, and H. M. Levy. Measurement and Analysis of Spyware in a University Environment. NSDI 2004.
30. M. R. Tal Garfinkel, Ben Pfaff. Ostia: A Delegating Architecture for Secure System Call Interposition. NDSS 2004.
31. Toups. Administrator Privileges for TurboTax?!?! http://www.dslreports.com/forum/remark,9732454 mode=flat.
32. W. Venema. Postfix Overview. http://www.postfix.org/motivation.html.
33. Y.-M. Wang, R. Roussev, C. Verbowski, A. Johnson, M.W. Wu, Y. Huang, and S.-Y. Kuo. Gatekeeper: Monitoring Auto-Start Extensibility Points (ASEPs) for Spyware Management. In Proceedings of Usenix LISA, Nov. 2004.
34. J. Yang, T. Kremenek, Y. Xie, and D. Engler. MECA: an Extensible, Expressive System and Language for Statically Checking Security Properties. ACM CCS 2003.