[cap-talk] Concrete application, WebCVOS (was: Selling capabilities programming)
Jonathan S. Shapiro
shap at eros-os.com
Thu Jul 19 16:33:56 EDT 2007
On Thu, 2007-07-19 at 12:06 -0700, David Wagner wrote:
> Jonathan Shapiro writes:
> >Mark Miller wrote:
> >> If you still think it doesn't seem that hard, how are you going to
> >> intercept all OS traps on Windows without cooperation from Microsoft?
> >> AFAIK, there's no ptrace equivalent exposed to Windows programmers.
> >No, but there are plenty of ways to hook that API. Rootkits often do
> Yes, but I don't think they're useful for what James wants, namely,
> for sandboxing. There are thousands of OS traps on Windows...
I agree with all that you say. I wasn't proposing this as a solution. I
was merely noting that it is possible to hook system calls.
> My understanding is that many of the
> mechanisms that are ordinarily used to hook that API are bypassable:
> if the application is malicious, it can bypass the hook.
Yes. The problem with having 1000 system calls is that the Microsoft
team can't sandbox them effectively either.
More information about the cap-talk