资料介绍
apple-sandboxThe Apple Sandbox
Dionysus Blazakis dion@securityevaluators.com January 11, 2011
1 Introduction
Despite the never ending proclamations of the end of memory corruption vulnerabilities, modern software continues to fall to exploits taking advantage of these bugs. Current operating systems incorporate a battery of exploit mitigations [4][10][3] making life signicantly more complex for attackers turning these bugs into attacks. Additionally, developers are becoming increasingly aware of the security implications of previously idiomatic code. Leading software publishers are teaching defensive coding techniques and have adopted an oensive mindset for product testing [9][1][8]. And yet, a single vulnerability can still provide the attacker the leverage needed to gain entry. Security researchers