Time-of-check to time-of-use: Difference between revisions

Add missing </ref>
== Reliably timing TOCTTOU ==
 
Exploiting a TOCTTOU race condition requires precise timing to ensure that the attacker's operations interleave properly with the victim's. In the example above, the attacker must execute the <code>symlink</code> system call precisely between the <code>access</code> and <code>open</code>. For the most general attack, the attacker must be scheduled for execution after each operation by the victim, also known as "single-stepping" the victim.
 
Techniques for single-stepping a victim program include file system mazes<ref>[http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.117.7757 Borisov, Nikita; Johnson, Rob; Sastry, Naveen; and Wagner, David; 2005; ''Fixing Races for Fun and Profit: How to abuse atime''; Proceedings of the 14th Conference on USENIX Security Symposium<!-- sic! --> (Security'05), Baltimore (MD), July 31 – August 5, 2005, Vol. 14, pp. 303–314]</ref> and algorithmic complexity attacks.<ref>[http://www.cs.sunysb.edu/~rob/papers/races2.pdf Cai, Xiang; Gui, Yuwei; and Johnson, Rob; 2009; ''Exploiting UNIX file-system races via algorithmic complexity attacks''; Proceedings of the IEEE Symposium on Security and Privacy, Berkeley (CA), May 17–20, 2009]</ref> In both cases, the attacker manipulates the OS state to control scheduling of the victim.
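The defender's answer to the timing techniques above is to remove the check-to-use window rather than to make it harder to hit. As an added example (not code from the article), the <code>access</code>/<code>open</code> pattern the section refers to is shown in C beside a variant that validates the object actually opened; the function names <code>open_racy</code>, <code>open_checked</code> and <code>demo</code> and the temporary-directory setup are constructed for this illustration.

```c
#define _GNU_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <sys/stat.h>
#include <unistd.h>

/* Racy: the check (access) and the use (open) resolve the path name twice;
   whatever the name refers to can change between the two system calls. */
int open_racy(const char *path) {
    if (access(path, R_OK) != 0)
        return -1;
    return open(path, O_RDONLY);
}

/* Check-after-open: open once, then inspect the descriptor we actually got.
   O_NOFOLLOW rejects a symlink at the final path component and fstat()
   examines the opened object itself, so there is no second name lookup
   left for an attacker to redirect, however the victim is scheduled.
   The owner is compared against the real uid, as a setuid program would. */
int open_checked(const char *path) {
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) || st.st_uid != getuid()) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Constructed demonstration: a regular file plus a symlink to it in a temp
   directory. Returns 1 when open_racy() accepts the symlink but
   open_checked() refuses it, -1 on setup failure, 0 otherwise. */
int demo(void) {
    char dir[] = "/tmp/tocttouXXXXXX", target[64], link[64];
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(target, sizeof target, "%s/data", dir);
    snprintf(link, sizeof link, "%s/link", dir);
    int fd = open(target, O_WRONLY | O_CREAT, 0600);
    if (fd < 0)
        return -1;
    close(fd);
    if (symlink(target, link) != 0)
        return -1;
    int racy = open_racy(link), checked = open_checked(link);
    int result = (racy >= 0 && checked < 0);
    if (racy >= 0) close(racy);
    if (checked >= 0) close(checked);
    unlink(link); unlink(target); rmdir(dir);
    return result;  /* 1: the racy opener followed the link, the checked one did not */
}
```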