Security '01 Abstract
RaceGuard: Kernel Protection From Temporary File Race Vulnerabilities
Crispin Cowan, Steve Beattie, Chris Wright, and Greg Kroah-Hartman, WireX Communications, Inc.
Abstract
Temporary file race vulnerabilities occur when privileged
programs attempt to create temporary files in an
unsafe manner. "Unsafe" means "non-atomic with
respect to an attacker's activities." There is no portable
standard for safely (atomically) creating temporary files,
and many operating systems have no safe temporary file
creation at all. As a result, many programs continue to
use unsafe means to create temporary files, resulting in
widespread vulnerabilities. This paper presents RaceGuard:
a kernel enhancement that detects attempts to
exploit temporary file race vulnerabilities, and does so
with sufficient speed and precision that the attack can be
halted before it takes effect. RaceGuard has been implemented,
tested, and measured. We show that RaceGuard
is effective at stopping temporary file race attacks, preserves
compatibility (no legitimate software is broken),
and preserves performance (overhead is minimal).
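To make "non-atomic" concrete, the following added example (not code from the paper, and not RaceGuard itself) contrasts a check-then-create sequence with a single `open()` using `O_CREAT | O_EXCL`. All function names are hypothetical, the `window` callback is a constructed stand-in for another process acting between the two system calls, and everything happens inside a private `mkdtemp()` directory.

```c
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

static char victim[128]; /* constructed stand-in for a file the privileged program can write */
/* Constructed stand-in for the other process: points the temp name at the victim. */
static void plant_link(const char *path) { if (symlink(victim, path)) perror("symlink"); }

/* Unsafe: the existence check and the create are two separate system calls. */
static int create_unsafe(const char *path, void (*window)(const char *))
{
    struct stat st;
    if (lstat(path, &st) == 0) return -1;   /* check: the name looks free */
    if (window) window(path);               /* the name changes after the check */
    return open(path, O_WRONLY | O_CREAT | O_TRUNC, 0600); /* follows the link */
}

/* Atomic: the kernel checks and creates in one step; EEXIST even for a symlink. */
static int create_atomic(const char *path, void (*window)(const char *))
{
    if (window) window(path);
    return open(path, O_WRONLY | O_CREAT | O_EXCL, 0600);
}

/* Runs one scenario in a private directory; returns the victim's size afterwards. */
static long victim_size_after(int (*create)(const char *, void (*)(const char *)))
{
    char dir[] = "/tmp/raceXXXXXX", tmp[128];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(tmp, sizeof tmp, "%s/tmpfile", dir);
    FILE *f = fopen(victim, "w");
    if (!f || fputs("important", f) < 0 || fclose(f) != 0) return -1;
    int fd = create(tmp, plant_link);
    if (fd >= 0) close(fd);
    long size = stat(victim, &st) == 0 ? (long)st.st_size : -1;
    unlink(tmp); unlink(victim); rmdir(dir);
    return size;
}

int main(void)
{
    printf("victim bytes after unsafe create: %ld, after atomic create: %ld\n",
           victim_size_after(create_unsafe), victim_size_after(create_atomic));
    return 0;
}
```

The unsafe path truncates the victim file because the name it checked is not the name it opened; the atomic path fails with `EEXIST` and leaves the victim untouched.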
- View the full text of this paper in PDF and PostScript.
The Proceedings are published as a collective work, © 2001 by the USENIX Association. All Rights Reserved. Rights
to individual papers remain with the author or the author's employer.
Permission is granted for the noncommercial reproduction of the complete
work for educational or research purposes. USENIX acknowledges all
trademarks within this paper.