[Repost] Automatic Configuration Vulnerability Analysis
Original source: [url]www.cs.princeton.edu[/url] (Princeton University, Department of Computer Science)
[b]Abstract[/b]
We have constructed a logical model of Windows XP access control, in a declarative but executable (Datalog) format. We have built a scanner that reads access-control configuration information from the Windows registry, file system, and service control manager database, and feeds raw configuration data to the model. We found a surprising result: commercial software from major vendors routinely has user-to-administrator privilege-escalation vulnerabilities that result not from buffer overruns (or other bugs inside the software) but just from misconfigurations of permissions and registry entries. Our scanner and analyzer run efficiently, and quickly detect these configuration bugs. Furthermore, our new Windows model can be combined with previous models of Unix, firewalls, and CERT advisories to give a more accurate global picture of the vulnerabilities in a heterogeneous enterprise network. Our tool could be used by software vendors (and system integrators) to improve their installation configurations and by sysadmins for day-to-day vulnerability analysis.
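The abstract only sketches how a Datalog model turns raw ACLs into escalation findings. The following is an added example, not the Princeton scanner or its Datalog program: a minimal bottom-up Datalog evaluator in Python run over hand-constructed facts of the kind the scanner collects (file ACLs, registry-key ACLs, service control manager rights, group membership, and which account each service runs as). The predicate names, principals, service names and paths are assumptions made for illustration. The constructed data contains two vendor misconfigurations that are harmless on their own but compose into a user-to-LocalSystem chain through a NetworkService-owned service, which is the kind of multi-step bug a rule-based model finds and an ACL-by-ACL inspection misses.

```python
"""Added example (not the Princeton tool or its model): a minimal bottom-up
Datalog evaluator over constructed Windows access-control facts.  Predicate
names, principals, service names and paths are assumptions for illustration."""

def is_var(term):
    """Rule variables carry a leading '?'; anything else is a constant."""
    return isinstance(term, str) and term.startswith("?")

def unify(atom, fact, env):
    """Match one rule atom against a ground fact, extending env; None on mismatch."""
    if atom[0] != fact[0] or len(atom) != len(fact):
        return None
    env = dict(env)
    for a, f in zip(atom[1:], fact[1:]):
        if is_var(a):
            if env.setdefault(a, f) != f:
                return None
        elif a != f:
            return None
    return env

def matches(body, facts, env=None):
    """Yield every variable binding that satisfies all body atoms (backtracking join)."""
    env = {} if env is None else env
    if not body:
        yield env
        return
    for fact in facts:
        bound = unify(body[0], fact, env)
        if bound is not None:
            yield from matches(body[1:], facts, bound)

def fixpoint(facts, rules):
    """Naive bottom-up evaluation: apply every rule until no new fact appears."""
    facts = set(facts)
    while True:
        new = set()
        for head, body in rules:
            for env in matches(body, facts):
                derived = tuple(env[t] if is_var(t) else t for t in head)
                if derived not in facts:
                    new.add(derived)
        if not new:
            return facts
        facts |= new

def via_group(head, acl_atom):
    """A right is held directly, or through a group the principal is a member of."""
    grouped = tuple("?G" if t == "?P" else t for t in acl_atom)
    return [(head, [acl_atom]), (head, [("member_of", "?P", "?G"), grouped])]

HELPER = r"C:\Program Files\Acme\helper.exe"
CORE = r"C:\Program Files\Acme\core.exe"
SPOOLSV = r"C:\Windows\System32\spoolsv.exe"
SVC_KEY = r"HKLM\SYSTEM\CurrentControlSet\Services\%s"

# Constructed scanner output (assumed, not real vendor data).  Two misconfigurations:
WEAK_FILE_ACL = ("file_acl", HELPER, "Users", "WRITE")   # any user can replace helper.exe
WEAK_KEY_ACL = ("reg_acl", SVC_KEY % "AcmeCore", "NetworkService", "KEY_WRITE")  # can rewrite ImagePath
FACTS = {
    ("member_of", "alice", "Users"),
    ("member_of", "carol", "Guests"),
    ("member_of", "admin", "Administrators"),
    # (service, account it runs as, image path) from the SCM database
    ("service", "AcmeHelper", "NetworkService", HELPER),
    ("service", "AcmeCore", "LocalSystem", CORE),
    ("service", "Spooler", "LocalSystem", SPOOLSV),
    ("service_key", "AcmeCore", SVC_KEY % "AcmeCore"),
    # file, registry and service ACL entries: (object, principal, right)
    ("file_acl", HELPER, "Administrators", "WRITE"),
    ("file_acl", CORE, "Administrators", "WRITE"),
    ("file_acl", SPOOLSV, "Administrators", "WRITE"),
    ("reg_acl", SVC_KEY % "AcmeCore", "Administrators", "KEY_WRITE"),
    ("service_acl", "Spooler", "Administrators", "SERVICE_CHANGE_CONFIG"),
    WEAK_FILE_ACL,
    WEAK_KEY_ACL,
}

RULES = [
    *via_group(("can_write_file", "?P", "?F"), ("file_acl", "?F", "?P", "WRITE")),
    *via_group(("can_write_key", "?P", "?K"), ("reg_acl", "?K", "?P", "KEY_WRITE")),
    *via_group(("can_reconfigure", "?P", "?S"), ("service_acl", "?S", "?P", "SERVICE_CHANGE_CONFIG")),
    # Three ways to take over a service: replace its binary, rewrite its
    # ImagePath key, or reconfigure it through the service control manager.
    (("controls", "?P", "?S"), [("service", "?S", "?A", "?F"), ("can_write_file", "?P", "?F")]),
    (("controls", "?P", "?S"), [("service_key", "?S", "?K"), ("can_write_key", "?P", "?K")]),
    (("controls", "?P", "?S"), [("can_reconfigure", "?P", "?S")]),
    # Controlling a service yields the privileges of its account; chains compose.
    (("escalates", "?P", "?A"), [("controls", "?P", "?S"), ("service", "?S", "?A", "?F")]),
    (("escalates", "?P", "?A"), [("escalates", "?P", "?Q"), ("escalates", "?Q", "?A")]),
]

def escalations(facts=FACTS, rules=RULES):
    """All derived (principal, account) pairs."""
    return {(f[1], f[2]) for f in fixpoint(facts, rules) if f[0] == "escalates"}

def findings(facts=FACTS, rules=RULES, target="LocalSystem", trusted=("Administrators", "admin")):
    """Principals that reach `target` without already being trusted: the configuration bugs."""
    return sorted(p for p, a in escalations(facts, rules) if a == target and p not in trusted)

if __name__ == "__main__":
    print("reach LocalSystem:", findings())
    print("after fixing helper.exe ACL:", findings(FACTS - {WEAK_FILE_ACL}))
```

Neither ACL is alarming in isolation: Users writing a NetworkService binary and NetworkService writing a LocalSystem service's key each look like a minor hardening gap, but the transitive `escalates` rule joins them into a user-to-LocalSystem path. Re-running `findings` with the weak file ACL removed shows the fix closes the user path while still flagging the NetworkService-to-LocalSystem hop. A real scanner would fill the fact set from the file system, registry and SCM security descriptors instead of literals, and a faithful model needs considerably more rules than these (DENY entries, inherited rights, WRITE_DAC and WRITE_OWNER, service start rights, account privileges); the point here is the shape of the analysis, not its coverage.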
