A Black-Box Tracing Technique to Identify Causes of Least-Privilege Incompatibilities
- Shuo Chen ,
- John Dunagan ,
- Chad Verbowski ,
- Yi-Min Wang
Proceedings of Network and Distributed System Security Symposium (NDSS) |
Published by Internet Society
Most Windows users run all the time with Admin privileges. This significantly increases the vulnerability of Windows systems because the compromise of any user-level application becomes a system compromise. To address this problem, we present a novel tracing technique to identify the causes of least-privilege incompatibilities (i.e., application dependencies on Admin privileges). Our evaluation on a number of real-world applications shows that our tracing technique significantly helps developers fix leastprivilege incompatibilities, and can also help system administrators mitigate the impact of least-privilege incompatibilities through local system policy changes.
Copyright © by the Internet Society. Copyright and Reprint Permissions: The Internet Society owns the copyrights for these publications. You may freely reproduce all or part of any paper for noncommercial purposes if you credit the author(s), provide notice to the Internet Society, and cite the Internet Society as the copyright owner.