W3C home > Mailing lists > Public > public-webappsec@w3.org > January 2013

RE: Browser Sandbox Security by internal attack

From: Fred Andrews <fredandw@live.com>
Date: Fri, 11 Jan 2013 21:34:14 +0000
Message-ID: <BLU002-W902F2DB90AE5E1CB86E745AA290@phx.gbl>
To: Mountie Lee <mountie.lee@mw2.or.kr>, Web Application Security Working Group <public-webappsec@w3.org>

Hi Mountie,

The web browser does not consider the OS a threat.  The OS is privileged.

cheers
Fred

From: mountie.lee@mw2.or.kr
Date: Fri, 11 Jan 2013 19:04:55 +0900
To: public-webappsec@w3.org
Subject: Browser Sandbox Security by internal attack

Hi.
the current CSP's aim is protecting browser sandbox by external attack.how strong the browser sandbox from internal attack (from OS)?
my question is based on that user environment can be easily compromised.


regardsmountie.-- 
Mountie Lee

PayGateCTO, CISSP
Tel : +82 2 2140 2700
E-Mail : mountie@paygate.net



=======================================
PayGate Inc.
THE STANDARD FOR ONLINE PAYMENT
for Korea, Japan, China, and the World 		 	   		  
Received on Friday, 11 January 2013 21:34:42 GMT

This archive was generated by hypermail 2.2.0+W3C-0.50 : Friday, 11 January 2013 21:34:42 GMT