[WEB SECURITY] On sandboxes, and why you should care

Stephen de Vries stephen at corsaire.com
Fri Mar 31 22:16:08 EST 2006

On 31 Mar 2006, at 23:01, Ivan Ristic wrote:
> I have to disagree. What you are saying may be true for one
> application, but if you consider that large organisations typically
> have many applications installed, each with its own set of crown
> jewels, putting a sandbox around one of them makes much more sense.
> Otherwise the attacker is just going to jump from one to another, then
> to another, and so on, until all the jewels are gone.

Yes, I was talking about a single application running in a single  
VM.  I agree completely that where applications share a VM, they  
should be segregated.

> I'd like to see all applications run in virtual environments by
> default, sandboxed, with no access to outside resources, except when
> access is explicitly granted.
> On a similar point, the fact that most web applications require
> unlimited access to the database is a fundamental weakness of our
> current development model. We would be much better off if our
> applications were compartmentalised with each compartment sandboxed
> and given just enough privileges it needs to function. Of course, I
> understand why this scenario is rarely, if ever, seen in real life -
> it's damn hard and expensive to develop applications this way.
> --
> Ivan Ristic, Technical Director
> Thinking Stone, http://www.thinkingstone.com
> ModSecurity: Open source Web Application Firewall

Stephen de Vries
Corsaire Ltd
E-mail: stephen at corsaire.com
Tel:	+44 1483 226014
Fax: 	+44 1483 226068
Web: 	http://www.corsaire.com
