lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAMnK33XEZXojnrj5onAr_w_5Gno0R=_FxC1aKx4-9ro3wPy47Q@mail.gmail.com> Date: Fri, 21 Oct 2011 13:57:48 -0700 From: Chris Evans <scarybeasts@...il.com> To: security@...ossecurity.com Cc: full-disclosure@...ts.grok.org.uk Subject: Re: Google Chrome pkcs11.txt File Planting On Fri, Oct 21, 2011 at 2:06 AM, ACROS Security Lists <lists@...os.si> wrote: > > A month ago our company notified Google about a peculiar behavior of Chrome browser > that can be exploited for execution of remote code outside Chrome sandbox under > specific conditions. Our new blog post describes it all. > > http://blog.acrossecurity.com/2011/10/google-chrome-pkcs11txt-file-planting.html Interesting. Clear write-up. I'm not a Windows guy but the article led me to research this: http://www.google.com/search?sourceid=chrome&ie=UTF-8&q=windows+file+dialog+changes+cwd Isn't that the most significant contributor? An application carefully puts its CWD somewhere sane and then the underlying operating system flips it around later? Might that also cause non-determinism for multi-threaded apps? Does the problem affect Mac, Linux users? Cheers Chris > > or > > http://bit.ly/olK1P9 > > Enjoy the reading! > > > Mitja Kolsek > CEO&CTO > > ACROS, d.o.o. > Makedonska ulica 113 > SI - 2000 Maribor, Slovenia > tel: +386 2 3000 280 > fax: +386 2 3000 282 > web: http://www.acrossecurity.com > blg: http://blog.acrossecurity.com > > ACROS Security: Finding Your Digital Vulnerabilities Before Others Do > > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ > _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists