课程: Threat Modeling: Spoofing In Depth

今天就学习课程吧!

今天就开通帐号,24,700 门业界名师课程任您挑!

Libraries (LD_PATH, %Downloads%)

Libraries (LD_PATH, %Downloads%)

课程: Threat Modeling: Spoofing In Depth

开始一个月试用 购买团队方案

Libraries (LD_PATH, %Downloads%)

- Libraries are special. They're files full of code that my code relies on, so it would be crazy to be lazy or hazy about the file I'm opening, right? Absolutely. And there are a few categories of failure which include trusting directories with weak permissions, environment variables which alter load behavior, and tools which are designed to manage the libraries in use. Directories with weak permissions include temp and the downloads directory. Running code from downloads is common behavior, and so drive-by download attacks include dropping DLLs which common installers will use. Weak permissions can also be an issue with references to the current or working directory with references like ./library.so. Do you know what directory that will reference? This can be more of an issue for privileged or set UID code where an attacker might want to manipulate what library gets loaded to take advantage of privilege. Environment…

内容