Google Chrome sandbox - does it even exist?

Discussion in 'other anti-malware software' started by aigle, Dec 29, 2008.

Thread Status:
Not open for further replies.
  1. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I wonder what the nature of the sandbox in the Google Chrome and Iron browsers is. Does it really exist?

    In Process Explorer, they are not shown as running under limited rights. I just did a crude test. I executed some harmless utilities via these browsers and they were not stopped. Hooking (DLL injection), driver loading, etc. worked. What am I missing? Where is the sandbox?
     
  2. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    It does sandbox the rendering engine, see https://www.wilderssecurity.com/showpost.php?p=1341118&postcount=29 for more info.

    Testing the sandbox from outside has no purpose; it protects against direct contact from rendered web pages (inside) to the outside (user environment).

    I am running Iron portable (with a newer WebKit version and no Google tracking, plus adblock). It works all right.

    Cheers
     
  3. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    Hmmmm... so can we test them via drive-by downloads?
     
  4. chris2busy

    chris2busy Registered Member

    Joined:
    Jun 14, 2007
    Posts:
    477
    Absolutely... that's what it is for... would also be very interested in the results if you decide to test them... have been thinking of trying them for a while.
     
  5. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    I only understand Chrome's sandboxing in layman's terms, where each tab/web page runs in its own memory space (sandbox) and if one page crashes the other open pages stay up.
     
  6. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I also would like to see this thing tested out against malware. I've been interested in the Iron version of this, but I'd like to see some security tests done first.
     
  7. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Iron portable is a good and fast browser.

    The sandbox works, but is only rarely noticeable. I only managed to crash a tab once when playing a malware video.

    I could not figure out what it was doing, but running the same file with IE7, I discovered that it tried to replicate a video format file to the C:\windows directory.

    The problem when testing with former browser vulnerabilities is that a new browser (version) is always protected against known threats.

    The guys from Stanford used PoCs and known (not solved) vulnerabilities of other browser parts to test the sandbox.

    The password manager of Chrome does not seem to be very safe. I am not saving passwords anyway, so it is of no relevance to me.
     
  8. EASTER

    EASTER Registered Member

    Joined:
    Jul 28, 2007
    Posts:
    5,634
    Location:
    U.S.A. (South)
    Reasonably decent browser over here too. Chrome on the other hand just doesn't interest me at all, given the fact that Firefox 3.05 (Portable) and Opera's latest offer more flexibility, and I sure can't fault any loss of speed but rather gains over IE, which I thought I would be forever seared in my brain with. LoL

    EASTER
     
  9. aigle

    aigle Registered Member

    Joined:
    Dec 14, 2005
    Posts:
    11,047
    Location:
    Saudi Arabia/ Pakistan
    I might test, but it's hard to find any drive-by sites that work with it.
     
  10. dw426

    dw426 Registered Member

    Joined:
    Jan 3, 2007
    Posts:
    5,543
    I can pretty much guarantee you that won't last long. But when they do start working with it, I'm itching to see just how hardy that sandbox is. In the meantime though, enjoy the relative freedom from malware attacking it while you can.
     
  11. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    In retrospect, Chrome would have suffered from 30% of the browser vulnerabilities of IE or FF. So it is not an error-proof solution, just better than any existing browser at the moment.

    "Only" 30 would mean a protection percentage of 70%. I cannot imagine anyone buying an AV with these stats, but in the land of the blind one-eye is king.

    Cheers
     
  12. Infinite Luta

    Infinite Luta Registered Member

    Joined:
    Mar 26, 2008
    Posts:
    19
    Location:
    Illinois, USA
  13. Kees1958

    Kees1958 Registered Member

    Joined:
    Jul 8, 2006
    Posts:
    5,857
    Thx for the link. Will there be some form of sandbox code inspection/target process certification, so they comply with the outlined design practice? For instance, to check whether the target code contains a lower token call?

    Cheers
     
    Last edited: Dec 30, 2008