Questions tagged [process]
The process tag has no summary.
84 questions
7 votes
3 answers
3k views
Preventing a process from running a subcommand
I have a (web-)application which has the feature that it allows some of its users to execute certain shell commands. E.g., I can authorize the user jdoe to run the find command. That user can add ...
0 votes
0 answers
75 views
How to exploit Python script and sudo subprocess shared file handle?
I am wondering what attacks would be theoretically possible against a Python script that executes a subprocess involving sudo. I know that asking for the sudo password using input() or getpass(), then ...
0 votes
0 answers
65 views
Using Process Monitor to detect any attempt of using network resources?
Could someone please help me with the following issue? I have completely disconnected my PC from the network and would now like to check if there are any processes trying to establish a network ...
12 votes
5 answers
4k views
Is loss of availability automatically a security incident?
Suppose you need to define for an organization what should be considered an information security incident which, when observed, triggers security incident response (investigate, contain, eradicate, ...
1 vote
1 answer
63 views
Is it beneficial to have one process listing multiple ports to block country?
I have two processes: one runs as user client, another runs as user inspector. The web app admin (process client), port 8080. The web app customer (process client), port 8081. Single app process listing ...
1 vote
3 answers
352 views
Does emulation/software virtualization provide more isolation/security vs hardware virtualization?
From my understanding: I can emulate many different architectures and systems with qemu as a user(mode) process. There is separate user address space per process. If a malicious process were to ...
1 vote
2 answers
265 views
Fake process after Ubuntu install [closed]
After Ubuntu installation, I have a fake process after I run this command: ps auxww | grep \\[ | awk '{print $2}' | xargs -I % sh -c 'echo PID: %; sha1sum /proc/%/exe' 2> /dev/null From this ...
3 votes
1 answer
371 views
accessing ELF in memory (Unix/Linux)
On Linux (and maybe UNIX), you can access and even modify a process's stack with things like ptrace, process_vm_ready, etc., but is there a way to access the copy of the binary that's being executed ...
0 votes
1 answer
374 views
How does anti-cheat prevent mocking itself?
As far as I understand, usually the game anti-cheat runs in another process from the game client. This makes it obvious to try to simulate anti-cheat, for example, to replace it with your program, ...
1 vote
1 answer
213 views
Are IBM's "Security and Privacy by Design" practices based on any earlier standard or guideline?
The following process overview schematic is derived from IBM's Security in Development The IBM Secure Engineering Framework, but I think I've seen a very similar process diagram before, though I ...
1 vote
1 answer
303 views
Suspicious IPs in Game Processes—Could This Be Process Injection?
I downloaded a program called Process Monitor from Microsoft Store. I see suspicious IP addresses popping up among my cod.exe processes. Moreover, these suspicious IP addresses communicate through the ...
1 vote
1 answer
320 views
Purpose of Real UID in spite of setresuid()
While reading the manual page of setresuid() a question arose about the purpose of Real UID. As mentioned in the man page: setresuid() sets the real user ID, the effective user ID, and the saved set-...
0 votes
0 answers
1k views
lsass.exe spawning lsass.exe
In logs, I found lsass.exe spawning lsass.exe. C:\Windows\System32\smss.exe C:\Windows\System32\smss.exe C:\Windows\System32\wininit.exe C:\Windows\System32\lsass.exe C:\WINDOWS\system32\...
3 votes
1 answer
262 views
Child processes vs microservices for communication between components
This is a question for operating system security experts. We have an application using one platform/language, and it has to integrate with a library that uses another platform/language. There is no ...
1 vote
0 answers
79 views
Clarification on log4j Service Requirements [duplicate]
We're currently trying to prioritize our mitigations for CVE-2021-44228. The obvious priority is to deal with any Internet facing java (apache?) applications that use a vulnerable log4j library and\or ...