Any info on IE10 Sandbox?

Discussion in 'other security issues & news' started by Hungry Man, Nov 9, 2012.

Thread Status:
Not open for further replies.
  1. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I know IE10 runs using Appcontainer but is there info into the architecture? For example: is each tab in a separate sandbox? Each renderer? Etc.

    Chrome has a somewhat out of date page but it's pretty clear about the multiprocess architecture. Anyone know of a page like this for IE10?
     
  2. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
  3. Wild Hunter

    Wild Hunter Former Poster

    Joined:
    Oct 13, 2012
    Posts:
    1,375
  4. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Thanks very much, gonna read those.
     
  5. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,948
    Location:
    U.S.A.
  6. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Thanks JRViejo. I haven't found quite the level of detail that I was looking for but it's good enough.
     
  7. Fox Mulder

    Fox Mulder Registered Member

    Joined:
    Jun 2, 2011
    Posts:
    203
    EPM is an impressive IE10 feature. If only I could get Zones working the way I'd want, I'd be all gung ho for it. :p
     
  8. JRViejo

    JRViejo Global Moderator

    Joined:
    Jul 9, 2008
    Posts:
    20,948
    Location:
    U.S.A.
    Agree. There's not too much info out there, maybe by design. :doubt:
     
  9. Baserk

    Baserk Registered Member

    Joined:
    Apr 14, 2008
    Posts:
    1,317
    Location:
    AmstelodamUM
    According to a Techradar.com review;
    "The way IE works (in Metro and desktop) is to run a medium integrity process for the browser frame; the tabs that Web pages load in are each in their own sandbox (even in the desktop browser, tabs that used to be running at low integrity with fewer permissions are now at the AppContainer level)." link
    No references/linked articles though.
     
  10. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    The only thing I can find is the old Accuvant study on IE9, which states:

    Chrome:
    IE9:
    Accuvant seems to be making the distinction for all separated processes, so to me it looks like IE9 architecturally doesn't separate the renderer/GPU process. I can't find a thing on IE10 but I guess I'll just assume that hasn't changed. Later in the article they reference the renderer as being the area of least privilege for IE9.

    If anyone finds any recent info let me know.
     
  11. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    This thing is incredibly hard to get any detailed information about beyond the already known EPM. I've tried re-wording searches and being as specific as I knew how (not being a security researcher), and Google is just tossing the same old tired speed comparisons at me or beta-period general security information that's already well covered.
     
  12. xxJackxx

    xxJackxx Registered Member

    Joined:
    Oct 23, 2008
    Posts:
    4,049
    Location:
    USA
    With IE10 Preview for Windows 7 rumored to be coming out tomorrow, I wonder how many features it will lack compared to the Windows 8 version.
     
  13. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    Quite a number I believe. But it will gain ForceASLR when that gets patched into Windows 7 - though it will be far less effective.
     
  14. Mman79

    Mman79 Registered Member

    Joined:
    Sep 19, 2012
    Posts:
    2,016
    Location:
    North America
    I'm not seeing anything on rumors for a Preview release tomorrow. But considering this story: http://www.pcworld.com/article/2013...elegate-windows-7-to-second-class-status.html, added in with how uncaring they've seemed towards IE 10 on Windows 7 it's hard not to wonder if there will be a final IE 10 for users of Windows 7. Going by the looks of discussions about what won't be enabled or available with IE 10 under Windows 7, I'm also starting to wonder if there is any real point to having IE 10 under that OS.
     
  15. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    The benefit of a 64bit JIT compiler is there. And you get 64bit ASLR, which is something - though there haven't been any attacks that bruteforce in the wild.
     
  16. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    The Windows 7 Preview release is now available:

    http://ie.microsoft.com/testdrive/Info/Downloads/Default.html

    I've trialed the x64 version for a little while in the VM. EPM has to be manually enabled followed by a system restart. As some people seemed to expect, EPM doesn't appear to function under Win 7 (renderer not running as untrusted), unless I'm missing something.
     
  17. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    In Windows 64bit all that EPM does is make sure every launched process is 64bit. The benefit being 64bit ASLR (much more useful on Windows 8).

    You won't get appcontainer because it isn't supported.
     
  18. wat0114

    wat0114 Registered Member

    Joined:
    Aug 5, 2012
    Posts:
    1,984
    Location:
    Canada
    Okay, I got it :) On another note, its performance seemed sluggish as well, especially when playing back Flash video w/audio. The fact it was in a vm doesn't help matters, though.
     
  19. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    VMs with modern operating systems are terrible - the GPU acceleration is crap.
     
  20. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    They could have gone further with their standard Protected Mode, though. (As I've mentioned in another thread.)

    Or, just make EPM (Windows 7 version) make IE renderer processes work at Untrusted label, like Google Chrome, if they didn't want to modify the standard Protected Mode. Too bad Microsoft isn't that interested in making Windows 7 Internet Explorer 10 users safer. :D

    Then again, with version 10, we still have no way to have multiple profiles. (To the best of my knowledge.) :argh:
     
  21. Hungry Man

    Hungry Man Registered Member

    Joined:
    May 11, 2011
    Posts:
    9,148
    I don't think this is possible. On Chrome it is because it separates the renderer out from the tabs and other processes. IE9/10, as far as I can tell, just have a broker process and then tab processes. It's a different architecture but (and this is the purpose of the topic) I can't find detailed information explaining it.
     
  22. m00nbl00d

    m00nbl00d Registered Member

    Joined:
    Jan 4, 2009
    Posts:
    6,623
    I also couldn't find detailed info, as much as I would like. But, even if it doesn't work the way Chrome does, that doesn't mean they couldn't ever make it work that way. They could, obviously.
     