Fixing Races for Fun and Profit: How to abuse atime

被引：0

作者：

Borisov, N ^{[1
]}

Johnson, R ^{[1
]}

Sastry, N ^{[1
]}

Wagner, D ^{[1
]}

机构：

[1] Univ Calif Berkeley, Berkeley, CA 94720 USA

来源：

USENIX ASSOCIATION PROCEEDINGS OF THE 14TH USENIX SECURITY SYMPOSIUM | 2005年

关键词：

D O I：

暂无

中图分类号：

TP [自动化技术、计算机技术];

学科分类号：

0812 ;

摘要：

Dean and Hu proposed a probabilistic countermeasure to the classic access(2)/open(2) TOCTTOU race condition in privileged Unix programs [4]. In this paper, we describe an attack that succeeds with very high probability against their countermeasure. We then consider a stronger randomized variant of their defense and show that it, too, is broken. We conclude that access(2) must never be used in privileged Unix programs. The tools we develop can be used to attack other filesystem races, underscoring the importance of avoiding such races in secure software.

引用

页码：303 / 314

页数：12

共 12 条

[1]

Bishop M, 1996, COMPUT SYST, V9, P131

[2]

Chen H, 2002, USENIX ASSOCIATION PROCEEDINGS OF THE 11TH USENIX SECURITY SYMPOSIUM, P171

[3]

CHEN H, 2004, P 11 ANN NETW DISTR, P171

[4]

Dean D, 2004, USENIX ASSOCIATION PROCEEDINGS OF THE 13TH USENIX SECURITY SYMPOSIUM, P195

[5]

Hardy N., 1988, Operating Systems Review, V22, P36, DOI 10.1145/54289.871709

[6]

Ko C, 2002, P IEEE S SECUR PRIV, P177, DOI 10.1109/SECPRI.2002.1004370

[7] Secure applications need flexible operating systems [J].

Mazieres, D ;

Kaashoek, MF .

SIXTH WORKSHOP ON HOT TOPICS IN OPERATING SYSTEMS, PROCEEDINGS, 1997, :56-61

[8] OPERATING SYSTEM INTEGRITY IN OS-VS2 [J].

MCPHEE, WS .

IBM SYSTEMS JOURNAL, 1974, 13 (03) :230-252

[9]

SCHMUCK F, 1991, P 13 ACM S OP SYST P, P239

[10]

SCHWARZ B, 2005, UCBCSD051384

← 1 2 →