Author Topic: [FAQ] Convenient yet treacherous Open File Access feature

fixer

  • Administrator
[FAQ] Convenient yet treacherous Open File Access feature
« on: June 03, 2017, 11:25:10 am »
From ReHIPS documentation:
Quote
Set access rights for the double-clicked file. Quite often we use double-click to open a file in some default program. When this program is isolated, it can't access opened file for writing in most cases (and for reading in some cases). To avoid this problem ReHIPS can grant access to the opened with double-click file.
Convenient? Unquestionably. But as you probably know, something is either convenient or secure. So what's the security penalty for using this feature?

If your isolated application goes haywire, it may corrupt the file being opened, as it now has write access to it - that's quite obvious and straightforward. What else?

As you probably noticed, the folder the file resides in has the ADD_FILE access right allowed for the isolated program, which lets the isolated program create files in that folder. Why on earth is that done, you may ask. Well, some Office versions don't care about the temp folder and tend to create temp files in the same folder as the file they work with. Office fails to save the file and complains if it doesn't have ADD_FILE access to the folder. So yeah, we had to take the road of convenience here and allowed that access right. It's not that dangerous, but it's good to keep that in mind.

And last, but not least - the file being opened may become infected. I must say that I haven't heard of such a threat, but in theory it's possible, so forewarned is forearmed. For example, suppose our isolated environment is compromised, and compromised in such a tricky way that it infects every opened file with an exploit, like a compromised Word infecting the doc files it opens. When these files reside in the ReHIPS folder, that's usually expected, as these are psychologically special folders, but it may be forgotten when the file resides in some ordinary folder and is opened with a double-click.

Though opening files with a double-click is pretty safe and the threats described above are mostly hypothetical, the most secure way to work with files is through subfolders of the ReHIPS folder. What is the ReHIPS folder? We'll talk about this in my next blogpost (updated: here it is https://forum.rehips.com/index.php?topic=9487.0).

P.S. It's discouraged to open the same file with this feature in different isolated environments simultaneously.
« Last Edit: July 02, 2018, 05:59:28 pm by fixer »
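
One way to check what the grants described in the post look like on disk, as an added example that is not part of the original post and not ReHIPS code: it reports explicit Allow ACEs that give one account write access to a file and ADD_FILE access to the file's folder. It assumes the grant appears as an explicit ACE for the isolated environment's account; the function name, account name and path are placeholders.

```powershell
# Added example (not ReHIPS code): report explicit Allow ACEs that give one
# account write access to a file and ADD_FILE access to the file's folder.
function Get-OpenFileAccessGrant {
    [CmdletBinding()]
    param(
        [Parameter(Mandatory)][string]$FilePath,
        # Assumption: account of the isolated environment, e.g. 'PC\SomeIsolatedUser'.
        [Parameter(Mandatory)][string]$Identity
    )

    # Access-mask bits from winnt.h. On a file 0x2 is FILE_WRITE_DATA,
    # on a directory the same bit is FILE_ADD_FILE.
    $FILE_WRITE_DATA = 0x2
    $FILE_ADD_FILE   = 0x2

    $file = Get-Item -LiteralPath $FilePath -ErrorAction Stop
    if ($file.PSIsContainer) { throw "$FilePath is a folder, expected a file." }

    $targets = @(
        @{ Path = $file.FullName;           Kind = 'File';   Bit = $FILE_WRITE_DATA; Name = 'WRITE_DATA' },
        @{ Path = $file.Directory.FullName; Kind = 'Folder'; Bit = $FILE_ADD_FILE;   Name = 'ADD_FILE' }
    )

    foreach ($t in $targets) {
        # Keep only explicit (non-inherited) Allow ACEs for the account that carry the bit.
        $aces = @((Get-Acl -LiteralPath $t.Path).Access | Where-Object {
            $_.AccessControlType -eq 'Allow' -and
            -not $_.IsInherited -and
            $_.IdentityReference.Value -eq $Identity -and
            (([int]$_.FileSystemRights) -band $t.Bit) -ne 0
        })
        [pscustomobject]@{
            Kind    = $t.Kind
            Path    = $t.Path
            Right   = $t.Name
            Granted = ($aces.Count -gt 0)
            Rights  = ($aces | ForEach-Object { $_.FileSystemRights.ToString() }) -join '; '
        }
    }
}

# Usage (path and account are placeholders):
# Get-OpenFileAccessGrant -FilePath 'C:\Docs\report.docx' -Identity 'PC\SomeIsolatedUser'
```

A `Granted = True` row for the folder means the account can still create files there, which is the ADD_FILE side effect the post asks you to keep in mind.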