A secure environment for untrusted helper applications confining the wily hacker

6th USENIX Security Symposium 1996

Volumn , Issue , 1996, Pages

  Goldberg, Ian ^a   Wagner, David ^a   Thomas, Randi ^a   Brewer, Eric A ^a  

^a UNIVERSITY OF CALIFORNIA   (United States)

Author keywords

[No Author keywords available]

Indexed keywords

PERSONAL COMPUTING;

AND FILTERS; BUG-FREE; NETWORK DATA; PERFORMANCE IMPACT; PROCESS DATA; SECURITY BREACHES; SYSTEM CALLS; USER MODE;

APPLICATION PROGRAMS;

EID: 85084162735     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: None     Document Type: Conference Paper

References (36)

1. [8lgm]-Advisory-16.UNIX.sendmail-6-Dec-1994, December 1994.
2. [8lgm]-Advisory-17.UNIX.sendmailV5-2-May-1995, May 1995.
3. [8lgm]-Advisory-17.UNIX.sendmailV5.22-Aug-1995, August 1995.
4. [8lgm]-Advisory-20.UNIX.sendmailV5.1-Aug-1995, August 1995.
5. Lee Badger, Daniel F. Sterne, David L. Sherman, and Kenneth M. Walker. A domain and type enforcement UNIX prototype. USENIX Computing Systems, 9(1):47-83, Winter 1996.
6. Lee Badger, Daniel F. Sterne, David L. Sherman, Kenneth M. Walker, and Sheila A. Haghighat. Practical domain and type enforcement for UNIX. In Proc. 1995 IEEE Symposium on Security and Privacy, 1995.
7. Andrew Berman, Virgil Bourassa, and Erik Selberg. TRON: Process-specific file protection for the UNIX operating system. In Proc. 1995 USENIX Winter Technical Conference, pages 165-175. USENIX Assoc, 1995.
8. CERT advisory CA-88:01, 1988.
9. CERT advisory CA-90:01, January 1990.
10. CERT advisory CA-93:15, October 1993.
11. CERT advisory CA-93:16, November 1993.
12. CERT advisory CA-94:12, July 1994.
13. CERT advisory CA-95:05, February 1995.
14. CERT advisory CA-95:08, August 1995.
15. CERT advisory CA-95:10, August 1995.
16. CERT advisory CA-95:11, September 1995.
17. William R. Cheswick and Steven M. Bellovin. Firewalls and Internet Security: Repelling the Wily Hacker. Addison-Wesley, 1994.
18. Frederick Cohen. Personal communication.
19. Frederick Cohen. Internet holes. Network Security Magazine, January 1996.
20. Colusa Software. OmniWare technical overview, 1995.
21. Ray Cromwell. Buffer overflow, September 1995. Announced on the Internet. http://www.c2.net/hacknetscape/.
22. Drew Dean, Edward W. Felten, and Dan S. Wallach. Java security: From HotJava to Netscape and beyond. In Proc. of the 1996 IEEE Symposium on Security and Privacy, 1996.
23. G. Fernandez and L. Allen. Extending the Unix protection model with access control lists. In Proc. Summer 1988 USENIX Conference, pages 119-132. USENIX Assoc, 1988.
24. Glenn S. Fowler, Yennun Huang, David G. Korn, and Herman Rao. A user-level replicated file system. In Summer 1993 USENIX Conference Proceedings, pages 279-290. USENIX Assoc, 1993.
25. James Gosling and Henry McGilton. The Java language environment: A white paper, 1995. http://www.javasoft.com/whitePaper/javawhitepaper1.html.
26. Brian L. Kahn. Safe use of X window system protocol across a firewall. In Proc. of the 5th USENIX UNIX Security Symposium, 1995.
27. David G. Korn and Eduardo Krell. The 3-D file system. In Summer 1989 USENIX Conference Proceedings, pages 147-156. USENIX Assoc, 1989.
28. Nick Lai and Terence Gray. Strengthening discretionary access controls to inhibit Trojan horses and computer viruses. In Proc. Summer 1988 USENIX Conference, pages 275-286. USENIX Assoc, 1988.
29. Butler Lampson. Hints for computer system design. In Proceedings of the 9th ACM Symposium on Operating Systems Review, Volume 17:5, pages 33-48. Bretton Woods, 1983.
30. William LeFebvre. Restricting network access to system daemons under SunOS. In UNIX Security Symposium III Proceedings, pages 93-103. USENIX Assoc, 1992.
31. Davor Matic. Xnest. Available in the X11R6 source. Also ftp://ftp.cs.umass.edu/pub/rcf/exp/X11R6/xc/programs/Xserver/hw/xnest.
32. David L. Sherman, Daniel F. Sterne, Lee Badger, and S. Murphy. Controlling network communication with domain and type enforcement. Technical Report 523, TIS, March 1995.
33. Daniel F. Sterne, Terry V. Benzel, Lee Badger, Kenneth M. Walker, Karen A. Oostendorp, David L. Sherman, and Michael J. Petkac. Browsing the web safely with domain and type enforcement. In 1996 IEEE Symposium on Security and Privacy, 1996. Research abstract.
34. Jeff Uphoff. Re: Guidelines on cgi-bin scripts, August 1995. Post to bugtraq mailing list. http://www.eecs.nwu.edu/cgi-bin/mfs/files2/jmyers/public-html/bugtraq/0166.html?30#mfs.
35. Robert Wahbe, Steven Lucco, Thomas E. Anderson, and Susan L. Graham. Efficient software-based fault isolation. In Proc. of the Symp. on Operating System Principles, 1993.
36. Christian Wettergren. Re: Mime question⋯, March 1995. Post to bugtraq mailing list. http://www.eecs.nwu.edu/cgi-bin/mfs/files2/jmyers/public-html/bugtraq/1995a/0759.html?30#mfs.