Who are we? Jos Wetzels Ali Abbasi





Date: 27.10.2022
Related: wetzels dissecting qnx infiltrate 2018 (1)

QNX Process Management

  • Process Manager is combined with microkernel in procnto executable
    • Runs as root with PID 1
    • No special microkernel interface but has _NTO_PF_RING0 flag to call _ring0 syscall
  • Support for usual POSIX stuff, uses ELF format

QNX Process Abilities

  • procmgr_ability similar to Linux capabilities
  • Integral to QNX ‘rootless execution’ security
    • Principle of least privilege
  • Abilities have domain (root/non-root), range (restrict values), inheritable, locked, etc.
    • E.g. PROCMGR_AID_SPAWN_SETUID with range [800, 899]
  • Can specify custom abilities

QNX Process Abilities Limitations

  • It’s not a true sandbox!
  • Lots of rope to hang yourself with
    • Some functionality is not covered by capabilities (fs, network, etc.)
    • Some capabilities don’t have ranges
    • Watch out for inheritability (inheritable itself): fork() ignores this, spawn() honors this
  • Various capabilities can be used to elevate privileges to root
    • Some directly: PROCMGR_AID_SPAWN_SETUID
    • Some indirectly: PROCMGR_AID_INTERRUPT
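
One way to review ability grants against the limitations listed above (an added example, not code from the slides or from QNX). The grant-list format, process names and finding labels are constructed for illustration; only the two ability names come from the slides.

```python
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Abilities the slides name as paths to root.
DIRECT_ROOT = {"PROCMGR_AID_SPAWN_SETUID"}
INDIRECT_ROOT = {"PROCMGR_AID_INTERRUPT"}

@dataclass
class Grant:
    process: str
    ability: str
    value_range: Optional[Tuple[int, int]] = None  # None = no range restriction
    inheritable: bool = False
    locked: bool = False

def parse_grants(text: str) -> List[Grant]:
    """Parse constructed lines: <process> <ability> [range=lo-hi] [inherit] [lock]"""
    grants = []
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if not fields:
            continue
        if len(fields) < 2:
            raise ValueError(f"malformed grant line: {raw!r}")
        grant = Grant(fields[0], fields[1])
        for opt in fields[2:]:
            if opt.startswith("range="):
                lo, hi = opt[len("range="):].split("-")
                grant.value_range = (int(lo), int(hi))
            elif opt == "inherit":
                grant.inheritable = True
            elif opt == "lock":
                grant.locked = True
            else:
                raise ValueError(f"unknown option {opt!r}")
        grants.append(grant)
    return grants

def audit(grants: List[Grant]) -> List[Tuple[str, str, str]]:
    """Return (process, ability, finding) for grants matching a listed limitation."""
    findings = []
    for g in grants:
        if g.ability in DIRECT_ROOT:
            if g.value_range is None:            # any uid allowed, including 0
                findings.append((g.process, g.ability, "unranged"))
            elif g.value_range[0] <= 0 <= g.value_range[1]:
                findings.append((g.process, g.ability, "range-includes-uid0"))
        if g.ability in INDIRECT_ROOT:
            findings.append((g.process, g.ability, "indirect-root"))
        if g.inheritable:                        # children need their own review
            findings.append((g.process, g.ability, "inheritable"))
    return findings

# Constructed sample grant list (not taken from a real system).
SAMPLE = """updater PROCMGR_AID_SPAWN_SETUID range=800-899 lock
launcher PROCMGR_AID_SPAWN_SETUID inherit
io-drv PROCMGR_AID_INTERRUPT lock
logger PROCMGR_AID_SPAWN_SETUID range=0-100"""
```

Running `audit(parse_grants(SAMPLE))` leaves the `updater` grant (range [800, 899]) unflagged and reports the other three processes.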

QNX 7 Sandboxing

  • Explicit Sandboxing support as of QNX 7
    • Handling implemented in procnto (procmgr_sandbox, procmgr_sandbox_check_path, …)
  • Creation / Deletion requires _PROCMGR_AID_SANDBOX ability
  • Children inherit parent sandboxes, only 1 sandbox per process at a time
  • Seems to support only path restrictions

QNX 7 Anomaly Detector (QAD)

  • Training phase + Monitoring phase
    • Syscall components (sender + receiver IDs) hashed into normal profile, supplied with firmware
    • Config files specify monitoring targets by path, monitor upon service start
  • QAD places info in PPS objects
    • Status: overall QAD status
    • PID: monitored object status (#anomalies, profile info)
  • (Some) initial observations
    • We only have anomaly counts, no granular info
    • How do we determine when to act, FP/FN ratio, etc.?
    • Who monitors QAD output? How to take action?
