Basic Questions re Chrome's Sandbox

Discussion in 'sandboxing & virtualization' started by Cruise, Nov 6, 2012.

Thread Status:
Not open for further replies.
  1. Cruise

    Cruise, Registered Member (Joined: Jun 10, 2010; Posts: 1,024; Location: USA)

    I'm a new Chrome user (installed it just today) and was curious about Chrome's sandbox.

    Is the sandbox always enabled by default?
    How do I 'tell' the sandbox to always allow downloads to a specified partition?

    Any other new user tips are also welcomed...

    Thanks,
    Cruise
     
  2. Hungry Man

    Hungry Man, Registered Member (Joined: May 11, 2011; Posts: 9,148)

    Yes, it is.

    You don't have to, it will be able to do this.
     
  3. Cruise

    Hungry Man,

    Thanks for the quick reply, but your 2nd answer confuses me further. If I don't have to deliberately instruct Chrome to pass downloads through to a folder/partition of my choosing, how does Chrome know to contain undesirable malware within its sandbox?

    Cruise
     
  4. Hungry Man

    Chrome's sandbox works by splitting the browser up into various parts.

    You have your JavaScript renderer, Tabs, Extensions, and a few other areas.

    All of those areas are run at Untrusted Integrity without file access.

    When you try to download something the "Broker" process handles it, making a security decision as to whether or not the write is legitimate.

    This allows for a transparent sandbox where you never have to interact with it.
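
The broker pattern described in the post above, as an added example that is not part of the original thread and is not Chrome's code: a child process stands in for the renderer and asks a broker over a pipe to write each download. The "stay inside one download directory" policy, the function names and the sample requests are assumptions; the child here is not confined by the OS, and a POSIX system with `fork` is assumed.

```python
import os
import tempfile
from multiprocessing import get_context

def broker_decide(download_dir, name, data):
    """Broker-side check: write only if the resolved path stays inside download_dir."""
    root = os.path.realpath(download_dir)
    # realpath collapses "..", absolute names and symlinks before the comparison.
    target = os.path.realpath(os.path.join(root, name))
    if os.path.commonpath([root, target]) != root or target == root:
        return "denied"
    # O_EXCL refuses to overwrite; O_NOFOLLOW refuses a symlink swapped in after the check.
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | os.O_NOFOLLOW
    try:
        fd = os.open(target, flags, 0o600)
    except OSError:
        return "denied"
    with os.fdopen(fd, "wb") as fh:
        fh.write(data)
    return "written"

def renderer(conn, requests):
    """Stand-in for a sandboxed renderer: it opens no files, it only asks the broker."""
    for name, data in requests:
        conn.send((name, data))
        conn.recv()        # broker's verdict; a real target would act on it
    conn.send(None)        # no more requests
    conn.close()

def run_demo():
    download_dir = tempfile.mkdtemp(prefix="downloads-")
    requests = [  # constructed sample requests (assumption, not from the thread)
        ("report.pdf", b"%PDF-1.4 sample"),
        ("../escape.txt", b"outside the download directory"),
        ("/tmp/absolute.txt", b"absolute path"),
    ]
    ctx = get_context("fork")
    broker_end, target_end = ctx.Pipe()
    child = ctx.Process(target=renderer, args=(target_end, requests))
    child.start()
    target_end.close()     # the broker keeps only its own end of the pipe
    verdicts = {}
    while (msg := broker_end.recv()) is not None:
        name, data = msg
        verdicts[name] = broker_decide(download_dir, name, data)
        broker_end.send(verdicts[name])
    child.join()
    return download_dir, verdicts
```

In a real sandbox the operating system, not convention, prevents the target from opening files itself, so a compromised target is left with nothing but requests the broker can refuse.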
     
  5. Cruise

    Thanks again HM. While that automation sounds very nice, do you know of any tests showing that it does the job in keeping nasties (such as rootkits) from hooking into your system?

    Cruise
     
  6. Hungry Man

    Historically the sandbox has done very well. No attacks against the Chrome sandbox have ever been found in the wild and successful attacks against it in competitions like Pwn2Own typically consist of many vulnerabilities being chained together.
     
  7. Cruise

    Cruise Registered Member

    Joined:
    Jun 10, 2010
    Posts:
    1,024
    Location:
    USA
    That's good to hear. In your opinion, is it comparable to Sandboxie with IE (from a security viewpoint)?
     
  8. Hungry Man

    Chrome's sandbox is better than IE9's sandbox. With IE10 on Windows 8 I'd say IE10 may be more secure in terms of the Sandbox and security mitigations - there isn't enough information right now on the architecture of the browser itself to say but I'd say they're both very secure.
     
  9. Cruise

    I was referring to IE with Sandboxie - is the above to say that you believe that Chrome is safer than IE with Sandboxie?
     
  10. Hungry Man

    Oh, I'm sorry I misread.

    IE10 is already arguably more secure than Chrome with Enhanced Protected Mode so I think that, with Sandboxie, it could be considered more secure.
     
  11. acr1965

    acr1965, Registered Member (Joined: Oct 12, 2006; Posts: 4,954)

    So are you saying that Chrome is immune from drive-by downloads? For instance, if a person is using Chrome and goes to a site that is malicious and attempts to download some malicious files (i.e. some Flash exploit or PDF exploit)...what happens? Does the download happen but the file is not able to write? Is the malicious download able to run with limited rights? I understand what happens when I run a browser inside Sandboxie...but I'm assuming Chrome is different. I can download a file using Chrome that my antivirus flags as malicious. I'm assuming if a malicious file is downloaded and the user decides to install it then the file will not have limited rights because it was downloaded using Chrome...if I download a file with my browser inside Sandboxie and try to install the file I think the file will continue having limited rights or running inside a sandbox until I tell it not to?...it's confusing to me...
     
  12. Hungry Man

    Well that depends. Let's say a user visits a page that hosts a Flash exploit (Chrome runs Flash in an untrusted process).

    Without the sandbox Flash would be exploited and (usually) a second payload would be launched.

    With the sandbox Flash would be exploited but would not be able to write to anywhere on the file system - it couldn't write or launch a second payload. Even if an attacker stays within the compromised Flash process they're limited in their ability to read/write to the system, which makes local exploitation much more difficult.
     
  13. Cruise

    Actually I was referring to IE9 with Sandboxie - as I don't think IE10 is available yet (for W7). o_O

    Cruise
     