Chrome OS Network Manager Sandboxed, Stripped of Root Privileges
The newest model of Google’s Chrome OS running machine brings some vital safety enhancements associated with the Shill community supervisor, together with a sandbox and less privileges.
Chrome OS 72 was once launched closing week and Google knowledgeable consumers that Shill has been positioned in a sandbox and it not runs as the basis consumer. Developers say those measures will have to assist give protection to customers in opposition to vulnerabilities and assaults comparable to those disclosed through a researcher again in December 2016.
The researcher confirmed sequence of flaws can have been exploited for arbitrary code execution within the internet browser and to escalate privileges to root. The assault was once in part imaginable because of the lifestyles of an HTTP proxy constructed into Shill. The proxy was once got rid of on the time through Chrome OS builders as phase of a repair.
Developers now need to be sure that Shill can’t be abused for malicious functions, which is why they have got positioned it in a sandbox and stripped it of its root privileges.
Blog posts pronouncing strong channel updates for Chrome OS most often handiest point out “security updates,” with out offering any main points.
Security enhancements have handiest been summarized on a couple of events up to now 12 months, together with mitigations for the Spectre and Meltdown assaults, patches for the Foreshadow (L1TF) vulnerabilities, and an undisclosed use-after-free malicious program within the GPU that has been categorized as “high severity.”