Chrome OS Network Manager Sandboxed, Stripped of Root Privileges

0
8
Chrome OS Network Manager Sandboxed, Stripped of Root Privileges
Chrome OS Network Manager Sandboxed, Stripped of Root Privileges

Chrome OS Network Manager Sandboxed, Stripped of Root Privileges

The newest model of Google’s Chrome OS running machine brings some vital safety enhancements associated with the Shill community supervisor, together with a sandbox and less privileges.

Chrome OS 72 was once launched closing week and Google knowledgeable consumers that Shill has been positioned in a sandbox and it not runs as the basis consumer. Developers say those measures will have to assist give protection to customers in opposition to vulnerabilities and assaults comparable to those disclosed through a researcher again in December 2016.

The researcher confirmed sequence of flaws can have been exploited for arbitrary code execution within the internet browser and to escalate privileges to root. The assault was once in part imaginable because of the lifestyles of an HTTP proxy constructed into Shill. The proxy was once got rid of on the time through Chrome OS builders as phase of a repair.

Developers now need to be sure that Shill can’t be abused for malicious functions, which is why they have got positioned it in a sandbox and stripped it of its root privileges.

Blog posts pronouncing strong channel updates for Chrome OS most often handiest point out “security updates,” with out offering any main points.

Security enhancements have handiest been summarized on a couple of events up to now 12 months, together with mitigations for the Spectre and Meltdown assaults, patches for the Foreshadow (L1TF) vulnerabilities, and an undisclosed use-after-free malicious program within the GPU that has been categorized as “high severity.”

Related: Code Execution Flaw in SQLite Affects Chrome, Other Software

Related: Google Tightens Rules for Chrome Extensions

Related: More Chrome OS Devices Receive Meltdown, Spectre Patches

Related: Latest Version of Chrome Improves Password Management, Patches 40 Flaws

gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== - Chrome OS Network Manager Sandboxed, Stripped of Root Privileges
gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== - Chrome OS Network Manager Sandboxed, Stripped of Root Privileges
vlc responds to criticism over lack of https for updates - Chrome OS Network Manager Sandboxed, Stripped of Root Privileges

Eduard Kovacs (@EduardKovacs) is a contributing editor at SecurityWeek. He labored as a highschool IT instructor for 2 years sooner than beginning a profession in journalism as Softpedia’s safety information reporter. Eduard holds a bachelor’s level in commercial informatics and a grasp’s level in pc ways carried out in electric engineering.

Previous Columns through Eduard Kovacs:
gif;base64,R0lGODlhAQABAAAAACH5BAEKAAEALAAAAAABAAEAAAICTAEAOw== - Chrome OS Network Manager Sandboxed, Stripped of Root PrivilegesTags:

LEAVE A REPLY

Please enter your comment!
Please enter your name here