Problem: Extensions Accepting permissions is an all or nothing affair. Users have no opportunity to intervene. Ask for too broad permissions. Use private information maliciously. o Sensitive information is protected by chrome.* APIs o Access to HTTPS pages o Steal history for advertisement purposes o Get cookies or other private data for other uses
Threat Model Malicious developers They can trick users into installing/running their extensions They can steal secret data without users knowledge Malicious extensions can access network Users will agree to the permissions without reading them o Malicious extensions can have any permission they want
ICE Sandbox Chrome Extensions Interpose on Permissions o Bookmarks o Cookies o History o Management Whitelist/Blacklist URLs Shell Interface lopopolo.github.com/ice/
Interesting Things Packaging Chrome extensions is not simple o Needs to be signed in CRX format when packaging slimit is not bug-free. It barfs on raw JSON The management permission allows extensions to inspect other extensions. This forced us to preserve the original manifest in case the extension requests info about itself
Your consent to our cookies if you continue to use this website.