
Re: Access from a local file



On Wed, 17 Feb 2010 11:18:03 -0800 (PST), Martin Fick <mogulguy@xxxxxxxxx>
wrote:
> --- On Wed, 2/17/10, Jon Cosby <jon@xxxxxxxxxx> wrote:
>> 
>> I'm referring to links from file:// urls. By default,
>> Torbutton blocks this, and has it "recommended."
> 
> Ah, you mean the file protocol.  Firefox itself tends to have this
> disabled by default also.  One of the reasons is to prevent malicious
> users from including file:// urls in an external webpage.  With file://
> urls, a webpage could be designed to test for the existence of local
> files on your computer.  From an anonymity standpoint, if I can run a
> test that verifies the existence of a specific file on your computer,
> one that I can prove only you would have on your computer, then I might
> be able to prove that you loaded my webpage.
> 
> I suspect there are also ways to potentially execute some local code on
> your computer by accessing local files (depending on the OS, this might
> be harder or easier to achieve).  If that's the case, perhaps depending
> on the program, by executing it locally, I might be able to detect this
> remotely.  Maybe the program does something as simple as a DNS lookup
> that I can sniff and then correlate to you...
> 
> And, finally, just because a file is accessed via a file:// url does not
> mean it is actually accessing a file locally.  It is accessing a file
> via your local file system namespace, but this might be on a remotely
> mounted drive/share making the remote server able to detect/prove this
> access, once again, exposing your access of a webpage by at least the
> owner of the remote server/share.
> 
> I suspect that there are many more attacks based on this, that I have
> only touched the tip of the iceberg...  Hope that helps,
> 

The only time I can ever recall coming across the protocol is in opening
files on my computer, and this has never been disabled. To fool somebody
into opening this file on a remote server, the cracker would need a copy of
the file, which would essentially require prior access to the computer. Or
am I missing something here?


Jon



***********************************************************************
To unsubscribe, send an e-mail to majordomo@xxxxxxxxxxxxxx with
unsubscribe or-talk    in the body. http://archives.seul.org/or/talk/