12th USENIX Security Symposium Abstract
Pp. 243-256 of the Proceedings
Dynamic Detection and Prevention of Race Conditions in File Accesses
Eugene Tsyrklevich and Bennet Yee, University of California, San Diego
Race conditions in filesystem accesses occur when sequences of
filesystem operations are not carried out in an isolated manner.
Incorrect assumptions of filesystem namespace access isolation allow
attackers to elevate their privileges without authorization by
changing the namespace bindings. To address this security issue, we
propose a mechanism for keeping track of all filesystem operations and
possible interferences that might arise. If a filesystem operation is
found to be interfering with another operation, it is temporarily
suspended allowing the first process to access a file object to
proceed, thereby reducing the size of the time window when a race
condition exists. The above mechanism is shown to be effective at
stopping all realistic filesystem race condition attacks known to us
with minimal performance overhead.
- View the full text of this paper in HTML and
Until August 2004, you will need your USENIX membership identification in order to access the full papers. The Proceedings are published as a collective work, © 2003 by the USENIX Association. All Rights Reserved. Rights to individual papers remain with the author or the author's employer. Permission is granted for the noncommercial reproduction of the complete work for educational or research purposes. USENIX acknowledges all trademarks within this paper.
- If you need the latest Adobe Acrobat Reader, you can download it from Adobe's site.