Re: What is a security bug?

To: debian-security@lists.debian.org
Subject: Re: What is a security bug?
From: Mark Seaborn <mseaborn@onetel.com>
Date: Wed, 23 Nov 2005 19:29:34 +0000 (GMT)
Message-id: <[🔎] 20051123.192934.730550330.mrs@localhost>
In-reply-to: <[🔎] 87mzjvu0uf.fsf@mid.deneb.enyo.de>
References: <[🔎] 87mzjvu0uf.fsf@mid.deneb.enyo.de>

Florian Weimer <fw@deneb.enyo.de> wrote:

> It seems that I have difficulty understanding what constitutes a
> security bug in a web browser.
> 
> Suppose that the web browser always crashes when confronted with
> certain input, losing all of its state.  With tabbed browsing,
> multiple browser opened by the same process etc., this means that
> potentially important work is lost.

A really broad definition of security is that a system is secure if it
does what the user expects it to do.

If you apply this at the level of the interactions between
reasonably-sized entities, this definition is usable: You don't expect
clicking on a link in one browser window to cause other windows to
disappear without trace.

Besides the problem of losing your work in one browser window, this
sort of bug raises more security questions:

 * Why are multiple browser windows implemented by the same process?
   Does it really save that much resources?  Why not run them in
   separate processes?
 * Why is the browser process runnning with the user's full authority,
   including access to all the user's files?  If you run it with
   access to only the files it needs, the risk from buffer overruns
   will be greatly reduced.

Mark

Reply to:

References:
- What is a security bug?
  - From: Florian Weimer <fw@deneb.enyo.de>

Prev by Date: Re: What is a security bug?
Next by Date: Re: Re: Putty 0.45 vs. SSH Login
Previous by thread: What is a security bug?
Next by thread: Re: What is a security bug?
Index(es):
- Date
- Thread