Exploiting Concurrency Vulnerabilities in System Call Wrappers
نویسنده
چکیده
System call interposition allows the kernel security model to be extended. However, when combined with current operating systems, it is open to concurrency vulnerabilities leading to privilege escalation and audit bypass. We discuss the theory and practice of system call wrapper concurrency vulnerabilities, and demonstrate exploit techniques against GSWTK, Systrace, and CerbNG.
منابع مشابه
A Survey of Concurrency Control Algorithms in the Operating Systems
Concurrency control is one of the important problems in operation systems. Various studies have been reported to present different algorithms to address this problem, although a few attempts have been made to represent an overall view of the characteristics of these algorithms and comparison of their capabilities to each other. This paper presents a survey of the current methods for controlling...
متن کاملDetecting and Countering System Intrusions Using Software Wrappers
This paper introduces an approach that integrates intrusion detection (ID) techniques with software wrapping technology to enhance a system's ability to defend against intrusions. In particular, we employ the NAI Labs Generic Software Wrapper Toolkit to implement all or part of an intrusion detection system as ID wrappers. An ID wrapper is a software layer dynamically inserted into the kernel t...
متن کاملNetwork Vulnerability Analysis Through Vulnerability Take-Grant Model (VTG)
Modeling and analysis of information system vulnerabilities helps us to predict possible attacks to networks using the network configuration and vulnerabilities information. As a fact, exploiting most of vulnerabilities result in access rights alteration. In this paper, we propose a new vulnerability analysis method based on the Take-Grant protection model. We extend the initial TakeGrant model...
متن کاملAn Improved Token-Based and Starvation Free Distributed Mutual Exclusion Algorithm
Distributed mutual exclusion is a fundamental problem of distributed systems that coordinates the access to critical shared resources. It concerns with how the various distributed processes access to the shared resources in a mutually exclusive manner. This paper presents fully distributed improved token based mutual exclusion algorithm for distributed system. In this algorithm, a process which...
متن کاملA Survey of Concurrency Control Algorithms in the Operating Systems
Concurrency control is one of the important problems in operation systems. Various studies have been reported to present different algorithms to address this problem, although a few attempts have been made to represent an overall view of the characteristics of these algorithms and comparison of their capabilities to each other. This paper presents a survey of the current methods for controlling...
متن کامل