When to Worry About Browser Content

Browser content becomes potentially mischievous when it can do any of the following:

  • Access local files and resources

  • Exploit content, or a content helper application's executable, through a reproducible buffer overflow

  • Launch itself without direct user involvement on the local machine

  • Remain active in memory without the user being aware

  • Manipulate external programs on the local machine

  • Access or manipulate other browser windows on the local machine

  • Create new processes on the local machine

  • Communicate with hosts other than the local machine

For instance, Common Gateway Interface (CGI) and Active Server Pages (ASP) are server-side processes that run on the web server, not the local web client. Those languages have a hard time accessing local system resources. For those reasons, CGI and ASP are probably not going to be high on the list for malicious mobile code programmers. Of course, as languages evolve, they often gain new functionality. If that new functionality allows any of the local system threats listed above, the language can be considered potentially dangerous.

As another example, Virtual Reality Modeling Language (VRML) is a standard for the animation of geometric shapes and 3D objects within browsers. A VRML ActiveX control is packaged with Internet Explorer and presents very little security threat because it was designed to download and display graphics. It does not have access to the local file system, has no known buffer overflow ...
