Bugtraq mailing list archives

Re: Can we prevent IE exploits a priori?

From: <bugtraq223344 () mailinator com>
Date: 12 Jul 2004 02:17:28 -0000

So I wanted to know, has anyone tried these programs successfully? 
Can anyone validate their claims? 
Better yet, does anyone have a link to a "how to" doc, that tells smart
geeks how to make the registry changes ourselves, so we don't have to rely
on some program to do it for us?


How about this: a sandbox that you can run IE in, controling things like:
-ShellExecute() calls such that only selected programs can be started
 by IE, say Notepad, Real Player, but not the MS-Help tool?
-truly prevents Java Script from running (IE had bugs in the past that
  allowed running javascript-code even if it was turned of)
-Only allow selected activeX controls to load (acrobat reader etc.)
-Deny TCP connections to certain sites 
etc. etc.

 http://www.heise.de/ct/ftp/projekte/iecontroller/

This software is free, sourcecode available (though not GPL!), but unfortunately
the documentation is in German. It was build by one of the German 
computer magazines (c't). If anybody is truly bored and speaks German,
a GPLed version of this would be incredibly useful. I also think that can do more than some registry hacks.

-Markus

Current thread:

Can we prevent IE exploits a priori? security-bugtraq (Jul 07)
- RE: Can we prevent IE exploits a priori? James C Slora Jr (Jul 08)
- Re: Can we prevent IE exploits a priori? Thor Larholm (Jul 09)
- <Possible follow-ups>
- RE: Can we prevent IE exploits a priori? Drew Copley (Jul 07)
  - Re: Can we prevent IE exploits a priori? Jason Coombs (Jul 09)
- Re: Can we prevent IE exploits a priori? bugtraq223344 (Jul 16)