Protecting applications against TOCTTOU races by user-space caching of file metadata (2012)
| Content Provider | CiteSeerX |
|---|---|
| Author | Payer, Mathias; Gross, Thomas R. |
| Description | Time Of Check To Time Of Use (TOCTTOU) race conditions for file accesses in user-space applications are a common problem in Unix-like systems. The mapping between filename and inode and device is volatile and can provide the necessary preconditions for an exploit. Applications use filenames as the primary attribute to identify files but the mapping between filenames and inode and device can be changed by an attacker. DynaRace is an approach that protects unmodified applications from file-based TOCTTOU race conditions. DynaRace uses a transparent mapping cache that keeps additional state and metadata for each accessed file in the application. The combination of file state and the current system call type are used to decide if (i) the metadata is updated or (ii) the correctness of the metadata is enforced between consecutive system calls. DynaRace uses user-mode path resolution internally to resolve individual file atoms. Each file atom is verified or updated according to the associated state in the mapping cache. More specifically, DynaRace protects against race conditions for all file-based system calls, by replacing the unsafe system calls with a set of safe system calls that utilize the mapping cache. The system call is executed only if the state transition is allowed and the information in the mapping cache matches. DynaRace deterministically solves the problem of file-based race conditions for unmodified applications and removes an attacker’s ability to exploit the TOCTTOU race condition. DynaRace detects injected alternate inode and device pairs and terminates the application. |
| File Format | |
| Language | English |
| Publisher Date | 2012-01-01 |
| Publisher Institution | In Proceedings of the Eighth International Conference on Virtual Execution Environments (VEE’12) |
| Access Restriction | Open |
| Subject Keyword | Transparent Mapping Cache User-space Application Primary Attribute Current System Call Type Tocttou Race Unmodified Application Device Pair User-space Caching Attacker Ability Additional State File Atom State Transition User-mode Path Resolution Injected Alternate Inode File-based Race Condition Tocttou Race Condition Necessary Precondition Unsafe System Common Problem File-based Tocttou Race Condition Mapping Cache Individual File Atom File Metadata File-based System Race Condition Mapping Cache Match File State System Call Unix-like System File Access Consecutive System Safe System |
| Content Type | Text |
| Resource Type | Article |