Exploiting concurrency vulnerabilities in system call wrappers
作者: Robert NM Watson , None
DOI:
关键词:
摘要: System call interposition allows the kernel security model to be extended. However, when combined with current operating systems, it is open concurrency vulnerabilities leading privilege escalation and audit bypass. We discuss theory practice of system wrapper vulnerabilities, demonstrate exploit techniques against GSWTK, Systrace, CerbNG.
neu.edu
watson.org 
acm.org 参考文章(16)
David B. Golub, Avadis Tevanian, Michael J. Accetta, William J. Bolosky, Richard F. Rashid, Robert V. Baron, Michael Young, Mach: A New Kernel Foundation for UNIX Development. USENIX Summer. pp. 93- 113 ,(1986)
R. P. Abbott, Security Analysis and Enhancements of Computer Operating Systems National Bureau of Standards. ,(1976) , 10.6028/NBS.IR.76-1041
Tal Garfinkel, Traps and Pitfalls: Practical Problems in System Call Interposition Based Security Tools. network and distributed system security symposium. ,(2003)
James P. Anderson, Computer Security Technology Planning Study ,(1972)
Alan J. Hu, Drew Dean, Fixing races for fun and profit: how to use access(2) usenix security symposium. pp. 14- 14 ,(2004)
Niels Provos, Improving host security with system call policies usenix security symposium. pp. 18- 18 ,(2003)
Douglas Kilpatrick, Lee Badger, Timothy Fraser, Calvin Ko, Detecting and countering system intrusions using software wrappers usenix security symposium. pp. 11- 11 ,(2000)
Tal Garfinkel, Mendel Rosenblum, Ben Pfaff, Ostia: A Delegating Architecture for Secure System Call Interposition. network and distributed system security symposium. ,(2004)
Douglas P. Ghormley, Steven H. Rodrigues, Thomas E. Anderson, David Petrou, SLIC: an extensibility system for commodity operating systems usenix annual technical conference. pp. 4- 4 ,(1998)
Richard BisbeyII., Dennis Hollingworth, Protection Analysis: Final Report ,(1978)