Race Condition Attack Countermeasures

Topics

Race Condition Page 1

What is Race Condition 

Race Condition Page 2

A Vulnerable Program 

Race Condition Page 3

Another Vulnerable Program

Race Condition Page 4

How to Attack

Race Condition Page 5

Attacking Script

Race Condition Page 6

Question 

Here is another piece of code int flag; …… if (flag == 0) { write_to_file(f); } else { // print out eror }    

Race Condition Page 7

Countermeasures

Race Condition Page 8

Make Operation Atomic 

Race Condition Page 9

Check‐Use‐Repeating Approach

Race Condition Page 10

Race Condition Page 11

Ubuntu's Sticky Link Protection 

Turn on the protection

What the protection mean

The result

Race Condition Page 12

Least Privilege Principle

Race Condition Page 13

Question

We are thinking about using the least‐privilege principle to defend against the buffer‐overflow attack. Namely, before executing the vulnerable function, we disable the root privilege; after the vulnerable function returns, we enable the privilege back. 

Does this work? Why or why not?

Race Condition Page 14