Experience with transactions in QuickSilver
SOSP '91 Proceedings of the thirteenth ACM symposium on Operating systems principles
ITS4: A static vulnerability scanner for C and C++ code
ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Dynamic detection and prevention of race conditions in file accesses
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Preventing race condition attacks on file-systems
Proceedings of the 2005 ACM symposium on Applied computing
TOCTTOU vulnerabilities in UNIX-style file systems: an anatomical study
FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Dynamic detection and prevention of race conditions in file accesses
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Fixing races for fun and profit: how to use access(2)
SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Fixing races for fun and profit: how to abuse atime
SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Portably solving file TOCTTOU races with hardness amplification
FAST'08 Proceedings of the 6th USENIX Conference on File and Storage Technologies
Portably solving file races with hardness amplification
ACM Transactions on Storage (TOS)
On Race Vulnerabilities in Web Applications
DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Pervasive detection of process races in deployed systems
SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Protecting applications against TOCTTOU races by user-space caching of file metadata
VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
HotPar'12 Proceedings of the 4th USENIX conference on Hot Topics in Parallelism
STING: finding name resolution vulnerabilities in programs
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Proceedings of the 2012 workshop on New security paradigms
Hi-index | 0.00 |
Race conditions in filesystem accesses occur when sequences of filesystem operations are not carried out in an isolated manner. Incorrect assumptions of filesystem namespace access isolation allow attackers to elevate their privileges without authorization by changing the namespace bindings. To address this security issue, we propose a mechanism for keeping track of all filesystem operations and possible interferences that might arise. If a filesystem operation is found to be interfering with another operation, it is temporarily suspended allowing the first process to access a file object to proceed, thereby reducing the size of the time window when a race condition exists. The above mechanism is shown to be effective at stopping all realistic filesystem race condition attacks known to us with minimal performance overhead.