Chrome OS Network Manager Sandboxed, Stripped of Root Privileges
The latest version of Google’s Chrome OS operating system brings some significant security improvements related to the Shill network manager, including a sandbox and fewer privileges.
Chrome OS 72 was released last week and Google informed customers that Shill has been placed in a sandbox and it no longer runs as the root user. Developers say these measures should help protect users against vulnerabilities and attacks such as the ones disclosed by a researcher back in December 2016.
The researcher showed that a series of flaws could have been exploited for arbitrary code execution in the web browser and to escalate privileges to root. The attack was partly possible due to the existence of an HTTP proxy built into Shill. The proxy was removed at the time by Chrome OS developers as part of a fix.
Developers now want to make sure that Shill cannot be abused for malicious purposes, which is why they have placed it in a sandbox and stripped it of its root privileges.
Blog posts announcing stable channel updates for Chrome OS typically only mention “security updates,” without providing any details.
Security improvements have only been summarized on a few occasions in the past year, including mitigations for the Spectre and Meltdown attacks, patches for the Foreshadow (L1TF) vulnerabilities, and an undisclosed use-after-free bug in the GPU that has been classified as “high severity.”