|
From: Thomas S. <ste...@gm...> - 2005-05-19 18:28:29
|
On 5/19/05, Nicholas Nethercote <nj...@cs...> wrote: > This has me scratching my head. I'm sure there are lots of ways in which > Valgrind is "insecure", but I don't see it as a security-sensitive > application in any way. Well, probably a browser is more likely. Imagine that a trampolin is used to check the security context. If you start the browser, it points to the local homepage, so everything is allowed. Now you go to a malicious website. Somehow it manages to pass the necessary parameters to generate a trampolin with the same checksum. It will use the previous translation, which may make the browser think the page is in a local context. And then the website can take over your browser. It is contrived, but I think it is theoretically possible. I am not sure whether we have to worry about security problems, or weather the user should stick to "trusted content". > Unless you're, say, running your webserver under > Valgrind, in which case you're crazy. Is it? Probably. But maybe you just want to find memory leaks in your webse= rver? Thomas |