Free Article Syndication

Search Articles:
 

arrow Home  arrow Article Marketing Blog

What Is A Race Condition?

By: Robert Thomson

A race condition occurs when multiple processes access and manipulate the same data concurrently, and the outcome of the execution depends on the particular order in which the access takes place.

A race condition is of interest to a hacker when the race condition can be utilized to gain privileged system access.

Consider the following code snippet which illustrates a race condition:

if(access("/tmp/datafile",R_OK)==0){
fd=open("/tmp/datafile
process(fd);
close(fd);

This code creates the temporary file /tmp/datafile and then opens it.

The potential race condition occurs between the call to access() and the call to open().

If an attacker can replace the contents of /tmp/datafile between the access() and open() functions, he can manipulate the actions of the program which uses that datafile. This is the race.

It can be difficult to exploit a race condition, because you may have to "run the race" many times before you "win." You may have to run the vulnerable program and the vulnerability testing tool thousands of times before you get the expolit code to execute after the vulnerability opens and before the vulnerability closes. It is sometimes possible to give the attack an extra edge by using `nice` to lower the priority of the legitimate suid program.

Improper use of the function calls access(), chown(), chgrp(), chmod(), mktemp(), tempnam(), tmpfile(), and tmpnam() are the normal causes of a race condition.

Barbara Jones writes on topics such as Race Condition , Format String Vulnerability and Interger Overflow for The Tech FAQ.

Article Directory: http://www.articlecrash.com/

Please Rate The Above Article From The Internet Category
Article Title: What Is A Race Condition?

 

Not yet Rated

Syndicate Internet Related Articles Via RSS!



Boost your websites' search engine ranking! Attract more repeat visitors!
Automatically, consistently update your content via Really Simple Syndication (RSS). To syndicate the above article and other Internet related articles on your blog or site, simply click on the XML Icon above to grab the RSS feed -- It's FREE!



Additional Articles From - Home | Internet
Syndicate Your Articles for FREE!
arrow Member Login
Sign Up! It's FREE!
Editorial Guide
Why Submit Articles?
Acceptance Notification
Free Articles To Publish on YOUR Website
Terms of Service
Crash Alert!
Articles RSS feeds RSS Feeds
Article Crash Article Directory Information
Article Stars Forum
Link to Us
Contact Us
Article Syndication and Publishing Resources
Article Marketing Blog
ArticleStars SuperNova Secrets are Here!
Visit The ArticleStars Article Marketing SEO Forum



Get Free Bonuses For Registering

Copyright ©  Article Crash All rights protected.
Use of our free service is protected by our Privacy Policy and Terms of Service

Powered by Article Dashboard