microsoft
/
msquic
зеркало из https://github.com/microsoft/msquic.git
1
0
Форкнуть 0
Код Задачи Пакеты Проекты Релизы Вики Активность

Threat Model Text Improvements (#4161)

This commit is contained in:
Nick Banks 2024-02-28 13:54:59 -05:00 коммит произвёл GitHub
Родитель d3fa5454ba
Коммит a554c4da68
Не найден ключ, соответствующий данной подписи
Идентификатор ключа GPG: B5690EEEBB952194
1 изменённых файлов: 1 добавлений и 1 удалений
Показать статистику Скачать Patch файл Скачать Diff файл Показать все файлы Свернуть все файлы

2
docs/ThreatModel.md
Просмотреть файл

@ -25,7 +25,7 @@ MsQuic runs in the same process as the calling application, for user mode. In th
- **Code injection**: An attacker could potentially inject malicious code into the process.
- **Data tampering**: An attacker could potentially modify the data being sent or received by the application.
These are not actually threats to MsQuic, but rather to the application using MsQuic. We are no more priviliged than the calling application. The application should implement its own security measures to protect against these threats.
These are not actually threats to MsQuic, but rather to the application using MsQuic. We are no more priviliged than the calling application. The application should implement its own security measures to protect against these threats, including using the most up-to-date version of MsQuic to keep up with the latest security fixes.
## Conclusion