Why can’t OSes or browsers make a perfect sandbox to securely run applications?


Every few days, weeks, or months, it seems, there’s an announcement that this VM or that web browser has a newly discovered vulnerability that allows someone to arbitrarily execute code outside of the intended “sandbox”. And while I am a software developer, and understand the basic nature of some of the exploits taking advantage of flaws, over-writing memory, etc., I still don’t seem to accept or fully understand why there’s no way to create an environment in which it was effectively/absolutely impossible — as opposed to semi-routine. Can anyone explain it to me?


9 Answers

Anonymous

Well, there are some points you can’t avoid. Your program has to run on real hardware, it has to receive user input and it has to output the result to someone, so your sandbox needs entry and exit, which means it cannot be closed off completely.

The vulnerabilities can be super weird stuff that you wouldn’t even consider to be dangerous when constructing it. As an example, there is a hardware exploit called “rowhammer” which uses electromagnetic interference in the hardware to flip protected memory cells (by hammering alternating bits into adjacent memory cells). To avoid that you must prevent the code from accessing memory cells that are physically close together. How would a programmer have foreseen that issue before someone discovered the exploit?
