[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <CALx_OUALVpO=Df8fk0bvij8O18CU2ik0zE7_Dio+6K+dsPBXAw@mail.gmail.com>
Date: Thu, 22 Dec 2011 13:01:58 -0800
From: Michal Zalewski <lcamtuf@...edump.cx>
To: Charles Morris <cmorris@...odu.edu>
Cc: full-disclosure@...ts.grok.org.uk
Subject: Re: OT: Firefox question / poll
> Do you think that the Firefox "warning: unresponsive script" is meant
> as a security feature or a usability feature?
More seriously, though, it's a bit of an oddly-phrased question. Only
the author of the code knows the true intent; you can look up the
mention of this text in the code, and see what the text accompanying
that change was, or contact whoever made it.
What I can tell you is that there is no concerted effort by any of the
browser vendors to make DoS attacks on the browser difficult; and that
this particular prompt is trivially bypassable, too. Moreover, some of
the previously introduced CPU and memory restrictions on the
JavaScript engine have been removed in the past few years, and many of
the new APIs (such as history.pushState, window.postMessage, or
Worker) are specified and implemented with no particular DoS
mitigations.
And no, it's very unlikely for this prompt to reliably prevent any
practical attempts to exploit non-DoS vulnerabilities in the browser.
/mz
PS. The usual plug: If you are curious, I have a whole chapter on this
and other perhaps more interesting issues related to malicious scripts
in "The Tangled Web".
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Powered by blists - more mailing lists