Exploiting Unix File-System Races via Algorithmic Complexity Attacks

13 years 11 months ago

Download www.cs.sunysb.edu

We defeat two proposed Unix ﬁle-system race condition defense mechanisms. First, we attack the probabilistic defense mechanism of Tsafrir, et al., published at USENIX FAST 2008[26]. We then show that the same attack breaks the kernel-based dynamic race detector of Tsyrklevich and Yee, published at USENIX Security 2003[28]. We then argue that all kernel-based dynamic race detectors must have a model of the programs they protect or provide imperfect protection. The techniques we develop for performing these attacks work on multiple Unix operating systems, on uni- and multi-processors, and are useful for exploiting most Unix ﬁle-system races. We conclude that programmers should use provably-secure methods for avoiding race conditions when accessing the ﬁle-system.

Xiang Cai, Yuwei Gui, Rob Johnson

Real-time Traffic

Dynamic Race Detectors | Kernel-based Dynamic Race | Security Privacy | SP 2009 | Unix ﬁle-system Races |

claim paper

Post Info
More Details (n/a)

Added	21 May 2010
Updated	21 May 2010
Type	Conference
Year	2009
Where	SP
Authors	Xiang Cai, Yuwei Gui, Rob Johnson

Comments (0)

Sciweavers

Exploiting Unix File-System Races via Algorithmic Complexity Attacks

Dynamic Race Detectors | Kernel-based Dynamic Race | Security Privacy | SP 2009 | Unix ﬁle-system Races |

Explore & Download

Productivity Tools

Document Tools

Image Tools

Sciweavers