Modern Operating Systems by Herbert Bos and Andrew S. Tanenbaum, 4th Ed.
SEC. 9.7 EXPLOITING SOFTWARE
To prevent this, the program performs a check to make sure the user has write access to the file by means of the access system call. The call checks the actual file (i.e., if it is a symbolic link, it will be dereferenced), returning 0 if the requested access is allowed and an error value of -1 otherwise. Moreover, the check is carried out with the calling process' real UID, rather than the effective UID (because otherwise a SETUID process would always have access). Only if the check succeeds will the program proceed to open the file and write the user input to it.
The program looks secure, but is not. The problem is that the time of the access check for privileges and the time at which the privileges are used are not the same. Assume that a fraction of a second after the check by access, the attacker manages to create a symbolic link with the same file name to the password file. In that case, the open will open the wrong file, and the write of the attacker's data will end up in the password file. To pull it off, the attacker has to race with the program to create the symbolic link at exactly the right time.
The attack is known as a TOCTOU (Time of Check to Time of Use) attack. Another way of looking at this particular attack is to observe that the access system call is simply not safe. It would be much better to open the file first, and then check the permissions using the file descriptor instead—using the fstat function. File descriptors are safe, because they cannot be changed by the attacker between the fstat and write calls. It shows that designing a good API for an operating system is extremely important and fairly hard. In this case, the designers got it wrong.
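The two patterns side by side, as an added example that is not from the book: open_checked_racy is the access-then-open sequence described above, and open_checked_fd opens first and then checks the descriptor with fstat. The function names, the simplified may_write rule (owner/group/other bits only, no supplementary groups or ACLs), and the regular-file check are assumptions made for illustration.

```c
#include <fcntl.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Racy pattern from the text: the path is resolved twice, so the file
 * checked by access() need not be the file that open() later returns. */
int open_checked_racy(const char *path) {
    if (access(path, W_OK) != 0)   /* time of check, uses the real UID */
        return -1;
    return open(path, O_WRONLY);   /* time of use, uses the effective UID */
}

/* Would uid/gid be allowed to write the file described by st?
 * Assumption: simplified rule, ignores supplementary groups and ACLs. */
static int may_write(const struct stat *st, uid_t uid, gid_t gid) {
    if (uid == 0) return 1;
    if (uid == st->st_uid) return (st->st_mode & S_IWUSR) != 0;
    if (gid == st->st_gid) return (st->st_mode & S_IWGRP) != 0;
    return (st->st_mode & S_IWOTH) != 0;
}

/* Open first, then check the object the descriptor refers to. The open
 * has no side effects (no O_CREAT, no O_TRUNC); O_NONBLOCK only keeps it
 * from hanging if the path names a FIFO. Nothing is written until the
 * fstat-based check on the already-open file has passed. */
int open_checked_fd(const char *path, uid_t uid, gid_t gid) {
    struct stat st;
    int fd = open(path, O_WRONLY | O_NONBLOCK);
    if (fd < 0)
        return -1;
    if (fstat(fd, &st) != 0 ||
        !S_ISREG(st.st_mode) ||        /* added precaution: plain files only */
        !may_write(&st, uid, gid)) {
        close(fd);
        return -1;
    }
    return fd;   /* later write(fd, ...) hits exactly the file checked */
}
```

A SETUID caller would pass getuid() and getgid(), the real IDs, so the decision matches what access would have made, but on the file that is actually open.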
9.8 INSIDER ATTACKS
A whole different category of attacks are what might be termed ‘‘inside jobs.’’ These are executed by programmers and other employees of the company running the computer to be protected or making critical software. These attacks differ from external attacks because the insiders have specialized knowledge and access that outsiders do not have. Below we will give a few examples; all of them have occurred repeatedly in the past. Each one has a different flavor in terms of who is doing the attacking, who is being attacked, and what the attacker is trying to achieve.
9.8.1 Logic Bombs
In these times of massive outsourcing, programmers often worry about their jobs. Sometimes they even take steps to make their potential (involuntary) departure less painful. For those who are inclined toward blackmail, one strategy is to write a logic bomb. This device is a piece of code written by one of a company’s (currently employed) programmers and secretly inserted into the production system. As long as the programmer feeds it its daily password, it is happy and does nothing. However, if the programmer is suddenly fired and physically removed

