Upload File

race condition attack countermeasures€¦ · race condition page 12 . least privilege principle...

  • Home
  • Documents
  • Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege
14
Race Condition Attack Countermeasures Topics Race Condition Page 1

Upload: others

Post on 06-Oct-2020

2 views

Category:

Documents


0 download

Report

TRANSCRIPT

Page 1: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Race Condition Attack Countermeasures

Topics

Race Condition Page 1

Page 2: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

What is Race Condition 

Race Condition Page 2

Page 3: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

A Vulnerable Program 

Race Condition Page 3

Page 4: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Another Vulnerable Program

Race Condition Page 4

Page 5: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

How to Attack

Race Condition Page 5

Page 6: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Attacking Script

Race Condition Page 6

Page 7: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Question 

Here is another piece of code int flag; …… if (flag == 0) { write_to_file(f); } else { // print out eror }    

Race Condition Page 7

Page 8: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Countermeasures

Race Condition Page 8

Page 9: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Make Operation Atomic 

Race Condition Page 9

Page 10: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Check‐Use‐Repeating Approach

Race Condition Page 10

Page 11: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Race Condition Page 11

Page 12: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Ubuntu's Sticky Link Protection 

Turn on the protection

What the protection mean

The result

Race Condition Page 12

Page 13: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Least Privilege Principle

Race Condition Page 13

Page 14: Race Condition Attack Countermeasures€¦ · Race Condition Page 12 . Least Privilege Principle Race Condition Page 13 . Question We are thinking about using the least‐privilege

Question

We are thinking about using the least‐privilege principle to defend against the buffer‐overflow attack. Namely, before executing the vulnerable function, we disable the root privilege; after the vulnerable function returns, we enable the privilege back. 

Does this work? Why or why not?

Race Condition Page 14


˘ ˇ - doc.ic.ac.uklivshits/papers/ppt/usenixsec05.pdfPerl RMTree Local Race Condition Vulnerability 7. Perl Local Race Condition Privilege Escalation Vulnerability 8. Vim ModeLines

Fergusson College (Autonomous) Pune Learning Outcomes ... · retrieval of a buffer, algorithm getblk, Race condition for free buffer and race for locked buffer in getblk, Algorithm

Holy Imagination + Race · Holy Imagination + Race pres-outlook.org 2 holy imagination Leading into midnight: the privilege of our racial awakening. Companioning others the journey

John Stewart / Bill O’Reilly · 2017. 5. 2. · Privilege Privilege is not limited to race and gender. Other types of privilege include sexual orientation, class, nationality, (dis)ability,

Appendix A - Interpreting Race Conditions Class Concepts€¦ · the race. There you could find the condition for the race in its’ entirety. Of course you didn’t have to keep

Thoughts on Critical Race Theory/White Privilege: A … Anti-Racism...Thoughts on Critical Race Theory/White Privilege: A Timeline 1492 – Columbus got lost. 1500 to 1619 - First

Persistence of White Privilege and Institutional Racism · The Persistence of White Privilege and Institutional Racism ... When a School Takes a Race-Conscious Approach ... cal framework

Privilege and Privilege Premier current accounts · PDF fileWith our Privilege and Privilege Premier current ... Our Privilege and Privilege Premier current accounts also come with

White privilege - JABOK · White privilege 1 White privilege For the clothing protocol in the Vatican, see Privilège du blanc. White privilege (or white skin privilege) is a term

RACE AND PRIVILEGE - Quaker Council for European Affairs ... · Race and Privilege As some people face disadvantages, others are advantaged or privileged. Most White people experience

Lesson 11: Race, Racism and Privilege Social Problems Robert Wonser 1

Ethical Hacking and Countermeasures...Privilege Escalation Using DLL Hijacking Privilege Escalation by Exploiting Vulnerabilities Privilege Escalation Using Dylib Hijacking Privilege

Solution to Race Condition: Mutual Exclusion and Synchronization

Myths of White Privilege - University of North Texas First Step - Pre-service Teachers...discussions on privilege and race 6. Guest presenter, who is a White male, comes to present

How to Talk With Kids About Race and Racism · Talking about race and racism is hard. ... profiling, white privilege, even white supremacy—serves to obscure that racism is a visceral

IMPLICIT BIAS AND WHITE PRIVILEGE...IMPLICIT BIAS AND WHITE PRIVILEGE Race, Racism and the Ramifications for Philanthropy Debate vs. Dialogue Debate Dialogue Assuming that there is

Letters of the Condition of the African Race in the United States- Mary Howard Schoolcraft

Code best practices and performance optimization · Code best practices and performance optimization Alf Nilsson Lead System Developer & EMVP. ... Race Condition Locks Race Condition

RACE BY RACE RESULTS FOR FRASER DOWNS AT ELEMENTS …€¦ · 2 Race number, track abbreviation and track distance 3 Purse 4 Course condition (FT=fast GD=good SY=sloppy) 5 Temperature

Race condition

Exploiting WebApp Race Condition Vulnerability 101

Privilege 10 Privilege 10 Privilege 20 Privilege 20

Courageous Conversations on Race, Privilege, & Homelessness in … · 2018-12-05 · COURAGEOUS CONVERSATIONS ON RACE, PRIVILEGE, & HOMELESSNESS IN URBAN SCHOOLS Lisette Rivera, School

HUNTING AND POWER: CLASS, RACE AND PRIVILEGE IN THE

Race condition in applicazioni PHP

Myths of White Privilege - University of North Texas First... · discussions on privilege and race 6. Guest presenter, who is a White male, comes to present on specifically on White

Teaching About Privilege to the Privileged * Dr. Tracy L. Robinson-Wood Third Race Relations Conference on New England Campuses Northeastern University

레이스 컨디션 (Race Condition)

RACE CONDITION Signal Racing Cycleskxc104/class/cmpen471/15f/lec/L11FundaCktDe… · Fundamental Mode Circuit Design 12/10/2014 L11: Fundamental Mode Circuit 1 RACE CONDITION Signal

Course Critique Race Condition Bernard Marc Moxhet Vincent Louis Stephane

Layering Power and Privilege: Class, race, and domestic labor in Brazil's Black Rome

Privilege and Privilege Premier current accounts

Protecting Privilege: Race, Residence and Rodney King

OA4 - McIntosh (1993) - White Privilege and Male Privilege

What is the elimination of special treatment or privilege based on race?