If some system of DAC is implemented, the OS then has system and user levels. The system level requires authentication to modify. The user level does not.
In Mac OS X and most Linux distros, DAC is implemented via Unix permissions and ACLs. Users enter a username and password in the authentication prompt to access areas of the system restricted by DAC.
In Windows, DAC is implemented via ACLs. DAC is referred to as UAC in Windows and the UAC prompt is the GUI to authenticate prompts related to DAC.
All processes use MIC in Windows Vista/7.
MIC works via integrity levels. A process can modify anything (files or another process) with an equal or lesser integrity level.
So, functionally, only processes assigned a low integrity level are sandboxed in relation to other implementations of sandboxing, such as MAC used in OS X and Linux.
MIC is basically an extension of DAC. It is not a sandbox in the same sense as MAC (mandatory access control), which is used in OS X and Linux. This is because MIC functions via inherited permissions unlike MAC, which has defined rules per process.
Because MIC is an extension of DAC, MIC is disabled if UAC is disabled. This only applies to admin accounts because the ACLs apply differently to standard accounts. Disabling UAC in standard accounts only removes the ability to authenticate changes from that account; it does not remove the restrictions of the ACLs.
Increasing the restrictions set by UAC increases the number of exploits required to get system level access.
If UAC is disabled, which also disables MIC, then potentially only one exploit is required to get system level access (same level of security as a Windows XP admin account).
In Mac OS X and most Linux distros, DAC is implemented via Unix permissions and ACLs. Users enter a username and password in the authentication prompt to access areas of the system restricted by DAC.
In Windows, DAC is implemented via ACLs. DAC is referred to as UAC in Windows and the UAC prompt is the GUI to authenticate prompts related to DAC.
I thought windows MIC or sanbox is only for IE ? So things do not run out side the sanbox?
All processes use MIC in Windows Vista/7.
MIC works via integrity levels. A process can modify anything (files or another process) with an equal or lesser integrity level.
So, functionally, only processes assigned a low integrity level are sandboxed in relation to other implementations of sandboxing, such as MAC used in OS X and Linux.
MIC is basically an extension of DAC. It is not a sandbox in the same sense as MAC (mandatory access control), which is used in OS X and Linux. This is because MIC functions via inherited permissions unlike MAC, which has defined rules per process.
Because MIC is an extension of DAC, MIC is disabled if UAC is disabled. This only applies to admin accounts because the ACLs apply differently to standard accounts. Disabling UAC in standard accounts only removes the ability to authenticate changes from that account; it does not remove the restrictions of the ACLs.
So with good MIC or sanbox malware cannot get on the system but a weak MIC or sanbox , malware can bypass it and get on the system.
Increasing the restrictions set by UAC increases the number of exploits required to get system level access.
If UAC is disabled, which also disables MIC, then potentially only one exploit is required to get system level access (same level of security as a Windows XP admin account).
Last edited: