Free Online Productivity Tools
i2Speak
i2Symbol
i2OCR
iTex2Img
iWeb2Print
iWeb2Shot
i2Type
iPdf2Split
iPdf2Merge
i2Bopomofo
i2Arabic
i2Style
i2Image
i2PDF
iLatex2Rtf
Sci2ools
VEE
2012
ACM
2012
ACM
Protecting applications against TOCTTOU races by user-space caching of file metadata
Time Of Check To Time Of Use (TOCTTOU) race conditions for file accesses in user-space applications are a common problem in Unix-like systems. The mapping between filename and inode and device is volatile and can provide the necessary preconditions for an exploit. Applications use filenames as the primary attribute to identify files but the mapping between filenames and inode and device can be changed by an attacker. DynaRace is an approach that protects unmodified applications from file-based TOCTTOU race conditions. DynaRace uses a transparent mapping cache that keeps additional state and metadata for each accessed file in the application. The combination of file state and the current system call type are used to decide if (i) the metadata is updated or (ii) the correctness of the metadata is enforced between consecutive system calls. DynaRace uses user-mode path resolution internally to resolve individual file atoms. Each file atom is verified or updated according to th...
Real-time TrafficNecessary Preconditions | Programming Languages Processors | Time Environments | VEE 2012 | Virtualization |
| Added | 25 Apr 2012 |
| Updated | 25 Apr 2012 |
| Type | Journal |
| Year | 2012 |
| Where | VEE |
| Authors | Mathias Payer, Thomas R. Gross |
Comments (0)
Researcher Info
|
