Dynamic detection and prevention of race conditions in file accesses

Authors:
Eugene Tsyrklevich;Bennet Yee
Affiliations:
Department of Computer Science and Engineering, University of California, San Diego;Department of Computer Science and Engineering, University of California, San Diego
Venue:
SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Year:
2003

Citing 3
Cited 13

Experience with transactions in QuickSilver

SOSP '91 Proceedings of the thirteenth ACM symposium on Operating systems principles
ITS4: A static vulnerability scanner for C and C++ code

ACSAC '00 Proceedings of the 16th Annual Computer Security Applications Conference
Dynamic detection and prevention of race conditions in file accesses

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12

Preventing race condition attacks on file-systems

Proceedings of the 2005 ACM symposium on Applied computing
TOCTTOU vulnerabilities in UNIX-style file systems: an anatomical study

FAST'05 Proceedings of the 4th conference on USENIX Conference on File and Storage Technologies - Volume 4
Dynamic detection and prevention of race conditions in file accesses

SSYM'03 Proceedings of the 12th conference on USENIX Security Symposium - Volume 12
Fixing races for fun and profit: how to use access(2)

SSYM'04 Proceedings of the 13th conference on USENIX Security Symposium - Volume 13
Fixing races for fun and profit: how to abuse atime

SSYM'05 Proceedings of the 14th conference on USENIX Security Symposium - Volume 14
Portably solving file TOCTTOU races with hardness amplification

FAST'08 Proceedings of the 6th USENIX Conference on File and Storage Technologies
Portably solving file races with hardness amplification

ACM Transactions on Storage (TOS)
On Race Vulnerabilities in Web Applications

DIMVA '08 Proceedings of the 5th international conference on Detection of Intrusions and Malware, and Vulnerability Assessment
Pervasive detection of process races in deployed systems

SOSP '11 Proceedings of the Twenty-Third ACM Symposium on Operating Systems Principles
Protecting applications against TOCTTOU races by user-space caching of file metadata

VEE '12 Proceedings of the 8th ACM SIGPLAN/SIGOPS conference on Virtual Execution Environments
Concurrency attacks

HotPar'12 Proceedings of the 4th USENIX conference on Hot Topics in Parallelism
STING: finding name resolution vulnerabilities in programs

Security'12 Proceedings of the 21st USENIX conference on Security symposium
Holographic vulnerability studies: vulnerabilities as fractures in interpretation as information flows across abstraction boundaries

Proceedings of the 2012 workshop on New security paradigms

Quantified Score

Hi-index	0.00

Visualization

Abstract

Race conditions in filesystem accesses occur when sequences of filesystem operations are not carried out in an isolated manner. Incorrect assumptions of filesystem namespace access isolation allow attackers to elevate their privileges without authorization by changing the namespace bindings. To address this security issue, we propose a mechanism for keeping track of all filesystem operations and possible interferences that might arise. If a filesystem operation is found to be interfering with another operation, it is temporarily suspended allowing the first process to access a file object to proceed, thereby reducing the size of the time window when a race condition exists. The above mechanism is shown to be effective at stopping all realistic filesystem race condition attacks known to us with minimal performance overhead.