Upload
others
View
1
Download
0
Embed Size (px)
Citation preview
Race Condition Attack Countermeasures
Topics
Race Condition Page 1
What is Race Condition
Race Condition Page 2
A Vulnerable Program
Race Condition Page 3
Another Vulnerable Program
Race Condition Page 4
How to Attack
Race Condition Page 5
Attacking Script
Race Condition Page 6
Question
Here is another piece of code int flag; …… if (flag == 0) { write_to_file(f); } else { // print out eror }
Race Condition Page 7
Countermeasures
Race Condition Page 8
Make Operation Atomic
Race Condition Page 9
Check‐Use‐Repeating Approach
Race Condition Page 10
Race Condition Page 11
Ubuntu's Sticky Link Protection
Turn on the protection
What the protection mean
The result
Race Condition Page 12
Least Privilege Principle
Race Condition Page 13
Question
We are thinking about using the least‐privilege principle to defend against the buffer‐overflow attack. Namely, before executing the vulnerable function, we disable the root privilege; after the vulnerable function returns, we enable the privilege back.
Does this work? Why or why not?
Race Condition Page 14