One of the main reasons I went to BlackHat last week was for David LeBlanc and his presentation about windows sandboxing. Unfortunately I missed it. I really don't know what happened. David was the last one of a series of three 20minute talks. I was there for the first two but it looked like they cancelled both of them. Thinking that they cancelled the series, I left the room and went to see the fuzzing talk by Pedram Amini (Very interesting by the way).
Fortunately David blogged about his presentation:
Part 1:
Fortunately David blogged about his presentation:
Part 1:
http://blogs.msdn.com/david_leblanc/archive/2007/07/27/practical-windows-sandboxing-part-1.aspx
Part 2:
Part 2:
http://blogs.msdn.com/david_leblanc/archive/2007/07/30/practical-windows-sandboxing-part-2.aspx
Part 3:
Part 3:
http://blogs.msdn.com/david_leblanc/archive/2007/07/31/practical-windows-sandboxing-part-3.aspx
This is actually really interesting and it's awesome that restricted tokens and job objects are now used for sandboxing by Microsoft. I really wish I hadn't missed this talk!
This is actually really interesting and it's awesome that restricted tokens and job objects are now used for sandboxing by Microsoft. I really wish I hadn't missed this talk!
No comments:
Post a Comment