Check out the new USENIX Web site.

Home About USENIX Events Membership Publications Students

A Secure Environment for Untrusted Helper Applications
(Confining the Wily Hacker)

Ian Goldberg, David Wagner, Randi Thomas, and Eric Brewer
Computer Science Division
University of California, Berkeley


Many popular programs, such as Netscape, use untrusted helper applications to process data from the network. Unfortunately, the unauthenticated network data they interpret could well have been created by an adversary, and the helper applications are usually too complex to be bug-free. This raises significant security concerns. Therefore, it is desirable to create a secure environment to contain untrusted helper applications. We propose to reduce the risk of a security breach by restricting the program's access to the operating system. In particular, we intercept and filter dangerous system calls via the Solaris process tracing facility. This enabled us to build a simple, clean, user-mode implementation of a secure environment for untrusted helper applications. Our implementation has negligible performance impact, and can protect pre-existing applications.

View the full text of this paper in PDF, and POSTSCRIPT (218.405 Bytes) form.

To Become a USENIX Member, please see our Membership Information.

?Need help? Use our Contacts page.

Last changed: 1 May 2002 aw
Conference Index