From the course: Threat Modeling: Denial of Service and Elevation of Privilege
Unlock the full course today
Join today to access over 22,400 courses taught by industry experts or purchase this course individually.
Attenuation in defense
From the course: Threat Modeling: Denial of Service and Elevation of Privilege
Attenuation in defense
- [Instructor] What is attenuation? Let's imagine we have a command processor and it accepts commands of the form one, two, three with app one to ls, two to cat and three to rm. Another processor simply accepts commands. The client sends ls, rm or cat directly. The first processor is attenuating its privilege. It's narrowing what it's willing to do for its correspondence. Obviously Sudo does this, it is the poster child for doing so intentionally. But more to the point many programs control what they'll do on behalf of a client. This is most obvious with servers. A web server running as UID dub-dub-dub can run almost anything in user bin with any arguments at once but it doesn't pass that capability onto its clients the way the second processor does. Wiki sites are famous for letting anyone edit them but they restrict that to what's in the Wiki docs directory. They don't let just any one edit slash config. Similarly…
Contents
-
-
-
-
-
-
-
-
Ways to defend against EOP1m 10s
-
Validation to defend against elevation1m 32s
-
Validate for purpose to prevent elevations1m 56s
-
Validation not sanitization for defense1m 13s
-
Attenuation in defense2m 14s
-
Memory safety as a defensive tool2m 1s
-
Stack canaries to protect your code2m 20s
-
Sandboxes and isolation protect your environment2m 8s
-
Bolt-on or built-in defenses1m 26s
-
-