Content deleted Content added
No edit summary |
→Preventing TOCTTOU: Add setuid() solution for setuid binaries. |
||
Line 71:
[[File locking]] is a common technique for preventing race conditions for a single file, but it does not extend to the file system namespace and other metadata, and cannot prevent TOCTTOU race conditions.
For setuid binaries a possible solution is to use the <code>seteuid()</code> system call to change the effective user and then perform the <code>open()</code>. Differences in <code>set*ui()</code> between operating systems might be problematic, but are well explained in <ref>[http://www.cs.berkeley.edu/~daw/papers/setuid-usenix02.pdf Chen, Hao; Wagner, David; Dean, Drew; "Setuid Demystified"].
== References ==
| |||