Exploiting Unix File-System Races via Algorithmic Complexity Attacks
|
|
- Melvin McCoy
- 6 years ago
- Views:
Transcription
1 Exploiting Unix File-System Races via Algorithmic Complexity Attacks Xiang Cai, Yuwei Gui, and Rob Johnson (Stony Brook University). IEEE Symposium on Security and Privacy, May 2009.
2 Agenda Introduction Proposed Run-time Defense Mechanisms Preparing for the Race Evaluation
3 Introduction
4 Time-Of-Check-To-Time-Of-Use (TOCTTOU) Time of Check Permission Granted Status Time of Use Changed
5 int main(int argc, char **argv) { int fd; /* If my invoker cannot access argv[1], then exit. */ if (access(argv[1], R_OK)!= 0) exit(1); fd = open(argv[1], O_RDONLY); /* Use fd... */ } UID associated w/ process Real UID: UID of the user who launched the process Effective UID: UID be used to determine the permission Saved UID: Executable file s owner Figure 1: A setuid-program uses the insecure access(2)/open(2) design pattern.
6 int main(int argc, char **argv) { int fd; /* If my invoker cannot access argv[1], then exit. */ if (access(argv[1], R_OK)!= 0) exit(1); fd = open(argv[1], O_RDONLY); /* Use fd... */ } int main(int argc, char **argv) { /* Assume file refers to a file readable by the attacker. */ if (fork() == 0) { system( victim file ); exit(0); } usleep(1); } unlink( file ); link( /etc/shadow, file ); Figure 1: A setuid-program uses the insecure access(2)/open(2) design pattern. Figure 2: Exploitation of the vulnerable program in Figure 1.
7 int main(int argc, char **argv) { int fd; /* If my invoker cannot access argv[1], then exit. */ if (access(argv[1], R_OK)!= 0) exit(1); fd = open(argv[1], O_RDONLY); /* Use fd... */ } Context Switch Context Switch int main(int argc, char **argv) { /* Assume file refers to a file readable by the attacker. */ if (fork() == 0) { } system( victim file ); exit(0); } usleep(1); unlink( file ); link( /etc/shadow, file ); Figure 1: A setuid-program uses the insecure access(2)/open(2) design pattern. Figure 2: Exploitation of the vulnerable program in Figure 1.
8 Contribution Develop new tools for exploiting Unix file-system races Show that atomic k-race and TY-Race is insecure for multiple OS
9 Proposed Run-time Defense Mechanisms
10 TY-Race Kernel-based dynamic race detectors
11 /home/adl / secret (pid, dirid, fname, status) A table T be maintained in the kernel dirid Inodes status Inodes
12 traverse the path (pid, dirid, fname, status) Look up entry in T Found (pid, dirid, fname, status ) compare status & status Same proceed to the next atom Not found Not equal /home/adl/secret Add an entry abort return error logging msg This is a atom
13 Remove Entries from T Saving the memory usage Waiting for entries be removed or flushing the system-wide table
14 Atomic k-race Probabilistic user-space defenses
15 lstat(2) open(2) close(2) LAOF(LAOFC) k access(2) fstat(2)
16 slaasof(laasofc) k a = switch atom to an accessible file s = switch atom to a secret file
17 slaasof(laasofc) k must win 2k + 2 races total success probability = p 2k + 2
18 Attack Overview on atomic k-race
19 Caution sleep(2) timers expires during the execution of the victim s syscall victim s syscall only take a few microseconds (tiny wakeup window) ensure the scheduler chooses to run attacking process
20 Preparing for the Race
21 Enlarge The Wakeup Window By exploiting the hash table of the name resolution
22 Birthday Attack All generated filenames f1~fk have the same hash value 0. Causing the kernel to create an entry for each fi in the name cache. It requires O(k) time to traverse the entire linked list look for fk.
23 Preparing Hash Table First, create fk as a hard link to the target file and make the kernel create its entry in the name cache, then create f1~fk-1 s files and corresponding entries in the name cache.
24
25 Buying Time for Update fk POSIX , send signal to victim SIGSTOP & SIGCONT
26 Fast File Switching Greatly benefit OpenBSD s exploitation
27 Ensuring Precise and Reliable Scheduling by Priority Laundering, Sleep-walking, Syncing w/ The Clock, and so on
28 Priority Laundering use nice(2) to decrease victim s priority
29 Sleep-walking Using 2 processes to nanosleep(2) & kill(2) at the same time
30 Syncing w/ The Clock Use nanosleep(2) to sync the attacker process with the kernel s clock ticks issue end issue end only one sleep 2nd sleep after syncing
31 Summary Attack algorithm for FreeBSD
32 Evaluation
33
34
35 Discussion
36 Attackers could use this technique to exploit a temporary file creation race Fix atomic k-race by adding randomized busy-waits between each system call, but still vulnerable On OpenBSD, attackers does not need to send SIGSTOP & SIGCONT Perform either lstat(2) or access(2) randomly
37 Fix the hash tables with balanced binary trees Linux inotify give attackers great control over the scheduling of certain syscall
38 Related Work Static detectors Dynamic detectors and preventers Probabilistic defenses Interface changes User-space solutions
Exploiting Unix File-System Races via Algorithmic Complexity Attacks
Exploiting Unix File-System Races via Algorithmic Complexity Attacks Xiang Cai xcai@cs.sunysb.edu Yuwei Gui ygui@ic.sunysb.edu Stony Brook University Rob Johnson rob@cs.sunysb.edu Abstract We defeat two
More informationCYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions
CYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions Instructor: Dr. Kun Sun 1 Secure Coding String management Pointer Subterfuge Dynamic memory management Integer security
More informationCIS Operating Systems File Systems Security. Professor Qiang Zeng Fall 2017
CIS 5512 - Operating Systems File Systems Security Professor Qiang Zeng Fall 2017 Previous class File and directory Hard link and soft link Mount Layered structure File system design Naïve: linked list
More informationSysSec. Aurélien Francillon
SysSec Aurélien Francillon francill@eurecom.fr https://www.krackattacks.com/ https://arstechnica.com/information-technology/2017/10/crypto-failure-cripples-millions-ofhigh-security-keys-750k-estonian-ids/
More informationCS 380S. TOCTTOU Attacks. Don Porter. Some slides courtesy Vitaly Shmatikov and Emmett Witchel. slide 1
CS 380S TOCTTOU Attacks Don Porter Some slides courtesy Vitaly Shmatikov and Emmett Witchel slide 1 Definitions TOCTTOU Time of Check To Time of Use Check Establish some precondition (invariant), e.g.,
More informationGetting to know you. Anatomy of a Process. Processes. Of Programs and Processes
Getting to know you Processes A process is an abstraction that supports running programs A sequential stream of execution in its own address space A process is NOT the same as a program! So, two parts
More information3/7/18. Secure Coding. CYSE 411/AIT681 Secure Software Engineering. Race Conditions. Concurrency
Secure Coding CYSE 411/AIT681 Secure Software Engineering Topic #13. Secure Coding: Race Conditions Instructor: Dr. Kun Sun String management Pointer Subterfuge Dynamic memory management Integer security
More informationPortably Preventing File Race Attacks with User-Mode Path Resolution
Portably Preventing File Race Attacks with User-Mode Path Resolution Dan Tsafrir Tomer Hertz David Wagner Dilma Da Silva IBM Research Microsoft Research UC Berkeley IBM Research dilmasilva@us.ibm.com TOCTTOU
More informationSECURE PROGRAMMING TECHNIQUES. Race conditions. General terms. File access races. Network races. Multithreading. Signal handling races MEELIS ROOS 1
Race conditions General terms File access races Network races Multithreading Signal handling races MEELIS ROOS 1 General terms Race condition correctness of the program depends on timing (race with an
More informationOperating Systems Security
Operating Systems Security CS 166: Introduction to Computer Systems Security 1 Acknowledgements Materials from the CS167 lecture slides by Tom Doeppner included with permission Some slides 2016-2018 J.
More informationOperating System Structure
Operating System Structure Heechul Yun Disclaimer: some slides are adopted from the book authors slides with permission Recap: Memory Hierarchy Fast, Expensive Slow, Inexpensive 2 Recap Architectural support
More informationKilling Zombies, Working, Sleeping, and Spawning Children
Killing Zombies, Working, Sleeping, and Spawning Children CS 333 Prof. Karavanic (c) 2015 Karen L. Karavanic 1 The Process Model The OS loads program code and starts each job. Then it cleans up afterwards,
More informationIntroduction to OS Processes in Unix, Linux, and Windows MOS 2.1 Mahmoud El-Gayyar
Introduction to OS Processes in Unix, Linux, and Windows MOS 2.1 Mahmoud El-Gayyar elgayyar@ci.suez.edu.eg Mahmoud El-Gayyar / Introduction to OS 1 Processes in Unix, Linux, and Windows Unix pre-empted
More informationReading Assignment 4. n Chapter 4 Threads, due 2/7. 1/31/13 CSE325 - Processes 1
Reading Assignment 4 Chapter 4 Threads, due 2/7 1/31/13 CSE325 - Processes 1 What s Next? 1. Process Concept 2. Process Manager Responsibilities 3. Operations on Processes 4. Process Scheduling 5. Cooperating
More informationSecure Architecture Principles
Computer Security Course. Secure Architecture Principles Slides credit: Dan Boneh What Happens if you can t drop privilege? In what example scenarios does this happen? A service loop E.g., ssh Solution?
More informationOperating System Structure
Operating System Structure Heechul Yun Disclaimer: some slides are adopted from the book authors slides with permission Recap OS needs to understand architecture Hardware (CPU, memory, disk) trends and
More informationSecure Software Programming and Vulnerability Analysis
Secure Software Programming and Vulnerability Analysis Christopher Kruegel chris@auto.tuwien.ac.at http://www.auto.tuwien.ac.at/~chris Race Conditions Secure Software Programming 2 Overview Parallel execution
More informationCS140 Operating Systems Final December 12, 2007 OPEN BOOK, OPEN NOTES
CS140 Operating Systems Final December 12, 2007 OPEN BOOK, OPEN NOTES Your name: SUNet ID: In accordance with both the letter and the spirit of the Stanford Honor Code, I did not cheat on this exam. Furthermore,
More information518 Lecture Notes Week 3
518 Lecture Notes Week 3 (Sept. 15, 2014) 1/8 518 Lecture Notes Week 3 1 Topics Process management Process creation with fork() Overlaying an existing process with exec Notes on Lab 3 2 Process management
More informationChap 4, 5: Process. Dongkun Shin, SKKU
Chap 4, 5: Process 1 Process Concept Job A bundle of program and data to be executed An entity before submission for execution Process (= running program) An entity that is registered to kernel for execution
More informationScheduling, part 2. Don Porter CSE 506
Scheduling, part 2 Don Porter CSE 506 Logical Diagram Binary Memory Formats Allocators Threads Today s Lecture Switching System to CPU Calls RCU scheduling File System Networking Sync User Kernel Memory
More informationAdvanced Systems Security: Ordinary Operating Systems
Systems and Internet Infrastructure Security Network and Security Research Center Department of Computer Science and Engineering Pennsylvania State University, University Park PA Advanced Systems Security:
More informationProcess management. What s in a process? What is a process? The OS s process namespace. A process s address space (idealized)
Process management CSE 451: Operating Systems Spring 2012 Module 4 Processes Ed Lazowska lazowska@cs.washington.edu Allen Center 570 This module begins a series of topics on processes, threads, and synchronization
More informationCSE 451: Operating Systems Winter Module 4 Processes. Mark Zbikowski Allen Center 476
CSE 451: Operating Systems Winter 2015 Module 4 Processes Mark Zbikowski mzbik@cs.washington.edu Allen Center 476 2013 Gribble, Lazowska, Levy, Zahorjan Process management This module begins a series of
More informationPROCESS CONTROL BLOCK TWO-STATE MODEL (CONT D)
MANAGEMENT OF APPLICATION EXECUTION PROCESS CONTROL BLOCK Resources (processor, I/O devices, etc.) are made available to multiple applications The processor in particular is switched among multiple applications
More informationAdvanced Systems Security: Confused Deputy
Advanced Systems Security: Confused Deputy Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Computer Science and Engineering Department Pennsylvania State University 1 Talk Outline
More informationCSE 410: Computer Systems Spring Processes. John Zahorjan Allen Center 534
CSE 410: Computer Systems Spring 2018 Processes John Zahorjan zahorjan@cs.washington.edu Allen Center 534 1. What is a process? Processes 2. What's the process namespace? 3. How are processes represented
More informationSecure Coding in C and C++ Race conditions
Secure Coding in C and C++ Race conditions Lecture 6 Oct 1, 2014 Acknowledgement: These slides are based on author Seacord s original presentation Concurrency and Race condition Concurrency Execution of
More informationPROCESSES. Jo, Heeseung
PROCESSES Jo, Heeseung TODAY'S TOPICS What is the process? How to implement processes? Inter-Process Communication (IPC) 2 WHAT IS THE PROCESS? Program? vs. Process? vs. Processor? 3 PROCESS CONCEPT (1)
More informationProcesses. Jo, Heeseung
Processes Jo, Heeseung Today's Topics What is the process? How to implement processes? Inter-Process Communication (IPC) 2 What Is The Process? Program? vs. Process? vs. Processor? 3 Process Concept (1)
More informationOS lpr. www. nfsd gcc emacs ls 1/27/09. Process Management. CS 537 Lecture 3: Processes. Example OS in operation. Why Processes? Simplicity + Speed
Process Management CS 537 Lecture 3: Processes Michael Swift This lecture begins a series of topics on processes, threads, and synchronization Today: processes and process management what are the OS units
More informationNon-atomic check and use aka TOCTOU (Time of Check, Time of Use) or race conditions. Erik Poll Digital Security group Radboud University Nijmegen
Non-atomic check and use aka TOCTOU (Time of Check, Time of Use) or race conditions Erik Poll Digital Security group Radboud University Nijmegen A classic source of (security) problems race condition aka
More informationFall 2017 :: CSE 306. File Systems Basics. Nima Honarmand
File Systems Basics Nima Honarmand File and inode File: user-level abstraction of storage (and other) devices Sequence of bytes inode: internal OS data structure representing a file inode stands for index
More informationOS Security III: Sandbox and SFI
1 OS Security III: Sandbox and SFI Chengyu Song Slides modified from Dawn Song 2 Administrivia Lab2 VMs on lab machine Extension? 3 Users and processes FACT: although ACLs use users as subject, the OS
More informationCSE543 - Introduction to Computer and Network Security
CSE543 - Introduction to Computer and Network Security Module: Software Vulnerabilities Professor Trent Jaeger 1 Programming Why do we write programs? Function What functions do we enable via our programs?
More informationOS lpr. www. nfsd gcc emacs ls 9/18/11. Process Management. CS 537 Lecture 4: Processes. The Process. Why Processes? Simplicity + Speed
Process Management CS 537 Lecture 4: Processes Today: processes and process management what are the OS units of execution? how are they represented inside the OS? how is the CPU scheduled across processes?
More informationExecution of Multiple flows (threads, processes, tasks, etc) If not controlled can lead to nondeterministic behavior
Race Conditions March 27, 2006 March 27, 2006 Concurrency Concurrency and Race condition Execution of Multiple flows (threads, processes, tasks, etc) If not controlled can lead to nondeterministic behavior
More informationExplicit Information Flow in the HiStar OS. Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, David Mazières
Explicit Information Flow in the HiStar OS Nickolai Zeldovich, Silas Boyd-Wickizer, Eddie Kohler, David Mazières Too much trusted software Untrustworthy code a huge problem Users willingly run malicious
More informationDynamic Detection and Prevention of Race Conditions in File Accesses
Dynamic Detection and Prevention of Race Conditions in File Accesses Eugene Tsyrklevich eugene@securityarchitects.com Outline What are race conditions? How can we prevent them? Implementation description
More informationECE 650 Systems Programming & Engineering. Spring 2018
ECE 650 Systems Programming & Engineering Spring 2018 User Space / Kernel Interaction Tyler Bletsch Duke University Slides are adapted from Brian Rogers (Duke) Operating System Services User and other
More informationwww nfsd emacs lpr Process Management CS 537 Lecture 4: Processes Example OS in operation Why Processes? Simplicity + Speed
Process Management CS 537 Lecture 4: Processes Michael Swift This lecture begins a series of topics on processes, threads, and synchronization Today: processes and process management what are the OS units
More informationProcesses. Jin-Soo Kim Computer Systems Laboratory Sungkyunkwan University
Processes Jin-Soo Kim (jinsookim@skku.edu) Computer Systems Laboratory Sungkyunkwan University http://csl.skku.edu OS Internals User space shell ls trap shell ps Kernel space File System Management I/O
More informationPROCESS MANAGEMENT. Operating Systems 2015 Spring by Euiseong Seo
PROCESS MANAGEMENT Operating Systems 2015 Spring by Euiseong Seo Today s Topics Process Concept Process Scheduling Operations on Processes Interprocess Communication Examples of IPC Systems Communication
More informationSTING: Finding Name Resolution Vulnerabilities in Programs
STING: Finding Name Resolution ulnerabilities in Programs Hayawardh ijayakumar, Joshua Schiffman, Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Computer Science and Engineering Department
More informationVirtual File System. Don Porter CSE 506
Virtual File System Don Porter CSE 506 History ò Early OSes provided a single file system ò In general, system was pretty tailored to target hardware ò In the early 80s, people became interested in supporting
More informationECE 550D Fundamentals of Computer Systems and Engineering. Fall 2017
ECE 550D Fundamentals of Computer Systems and Engineering Fall 2017 The Operating System (OS) Prof. John Board Duke University Slides are derived from work by Profs. Tyler Bletsch and Andrew Hilton (Duke)
More informationLecture 23: System-Level I/O
CSCI-UA.0201-001/2 Computer Systems Organization Lecture 23: System-Level I/O Mohamed Zahran (aka Z) mzahran@cs.nyu.edu http://www.mzahran.com Some slides adapted (and slightly modified) from: Clark Barrett
More informationCOMP 2355 Introduction to Systems Programming
COMP 2355 Introduction to Systems Programming Christian Grothoff christian@grothoff.org http://grothoff.org/christian/ 1 Processes A process is an instance of a running program. Programs do not have to
More informationI m paranoid, but am I paranoid enough? Steven M. Bellovin February 20,
I m paranoid, but am I paranoid enough? Steven M. Bellovin February 20, 2007 1 Special Techniques for Secure Programs Buffer overflows are bad in any case Some problems are only a risk for secure programs
More informationCS Operating Systems Lab 3: UNIX Processes
CS 346 - Operating Systems Lab 3: UNIX Processes Due: February 15 Purpose: In this lab you will become familiar with UNIX processes. In particular you will examine processes with the ps command and terminate
More informationCS 370 Operating Systems
NAME S.ID. # CS 370 Operating Systems Mid-term Example Instructions: The exam time is 50 minutes. CLOSED BOOK. 1. [24 pts] Multiple choice. Check one. a. Multiprogramming is: An executable program that
More informationKINGS COLLEGE OF ENGINEERING DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING ACADEMIC YEAR / ODD SEMESTER
KINGS COLLEGE OF ENGINEERING DEPARTMENT OF COMPUTER SCIENCE & ENGINEERING ACADEMIC YEAR 2011-2012 / ODD SEMESTER Question Bank Subject Code/Name: CS1005-Unix Internals Year / Sem: IV / VII UNIT I- GENERAL
More informationCS2506 Quick Revision
CS2506 Quick Revision OS Structure / Layer Kernel Structure Enter Kernel / Trap Instruction Classification of OS Process Definition Process Context Operations Process Management Child Process Thread Process
More informationCS 3305 Intro to Threads. Lecture 6
CS 3305 Intro to Threads Lecture 6 Introduction Multiple applications run concurrently! This means that there are multiple processes running on a computer Introduction Applications often need to perform
More informationProcesses are subjects.
Identification and Authentication Access Control Other security related things: Devices, mounting filesystems Search path TCP wrappers Race conditions NOTE: filenames may differ between OS/distributions
More informationProcess. Signal #8. Signals are software interrupts from unexpected events. a power failure. an alarm clock. the death of a child process
Linux/UNIX Programming 문양세강원대학교 IT특성화대학컴퓨터과학전공 Signals Signals are software interrupts from unexpected events an illegal operation (e.g., divide by 0) a power failure an alarm clock the death of a child
More informationSHRI ANGALAMMAN COLLEGE OF ENGINEERING AND TECHNOLOGY (An ISO 9001:2008 Certified Institution) SIRUGANOOR, TIRUCHIRAPPALLI
SHRI ANGALAMMAN COLLEGE OF ENGINEERING AND TECHNOLOGY (An ISO 9001:2008 Certified Institution) SIRUGANOOR, TIRUCHIRAPPALLI 621 105 DEPARTMENT OF COMPUTER SCIENCE AND ENGG. Cs 1005- UNIX INTERNALS UNIT
More informationSandboxing. (1) Motivation. (2) Sandboxing Approaches. (3) Chroot
Sandboxing (1) Motivation Depending on operating system to do access control is not enough. For example: download software, virus or Trojan horse, how to run it safely? Risks: Unauthorized access to files,
More informationCSC 438 Systems and Software Security, Spring 2014 Instructor: Dr. Natarajan Meghanathan Question Bank for Module 6: Software Security Attacks
CSC 438 Systems and Software Security, Spring 2014 Instructor: Dr. Natarajan Meghanathan Question Bank for Module 6: Software Security Attacks 1) What will be the output of the following C program when
More informationTOCTTOU Vulnerabilities in UNIX-Style File Systems: An Anatomical Study
TOCTTOU Vulnerabilities in UNIX-Style File Systems: An Anatomical Study Jinpeng Wei and Calton Pu Georgia Institute of Technology 4th USENIX Conference on File and Storage Technologies December 15, 2005.
More informationExceptions and Processes
Exceptions and Processes Samira Khan April 18, 2017 Control Flow Processors do only one thing: From startup to shutdown, a simply reads and executes (interprets) a sequence of instructions, one at a time
More informationProcesses are subjects.
Identification and Authentication Access Control Other security related things: Devices, mounting filesystems Search path Race conditions NOTE: filenames may differ between OS/distributions Principals
More informationSecure Programming Lecture 16: Race Conditions
Secure Programming Lecture 16: Race Conditions David Aspinall 18th March 2016 Outline Overview Race Conditions Race conditions with Unix file handling Data Races Preventing Races Preventing race conditions
More informationFall 2014:: CSE 506:: Section 2 (PhD) Securing Linux. Hyungjoon Koo and Anke Li
Securing Linux Hyungjoon Koo and Anke Li Outline Overview Background: necessity & brief history Core concepts LSM (Linux Security Module) Requirements Design SELinux Key elements Security context: identity
More informationI m paranoid, but am I paranoid enough? Steven M. Bellovin October 2,
I m paranoid, but am I paranoid enough? Steven M. Bellovin October 2, 2008 1 Special Techniques for Secure Programs Buffer overflows are bad in any case Some problems are only a risk for secure programs
More informationProcesses & Threads. Today. Next Time. ! Process concept! Process model! Implementing processes! Multiprocessing once again. ! More of the same J
Processes & Threads Today! Process concept! Process model! Implementing processes! Multiprocessing once again Next Time! More of the same J The process model! Most computers can do more than one thing
More informationSecure Programming II. Steven M. Bellovin September 29,
Secure Programming II Steven M. Bellovin September 29, 2014 1 I m paranoid, but am I paranoid enough? Steven M. Bellovin September 29, 2014 2 Special Techniques for Secure Programs Buffer overflows are
More informationSMD149 - Operating Systems
SMD149 - Operating Systems Roland Parviainen November 3, 2005 1 / 45 Outline Overview 2 / 45 Process (tasks) are necessary for concurrency Instance of a program in execution Next invocation of the program
More informationProcesses. Sanzheng Qiao. December, Department of Computing and Software
Processes Sanzheng Qiao Department of Computing and Software December, 2012 What is a process? The notion of process is an abstraction. It has been given many definitions. Program in execution is the most
More informationProcess. Heechul Yun. Disclaimer: some slides are adopted from the book authors slides with permission
Process Heechul Yun Disclaimer: some slides are adopted from the book authors slides with permission 1 Recap OS services Resource (CPU, memory) allocation, filesystem, communication, protection, security,
More informationSystem Calls and Signals: Communication with the OS. System Call. strace./hello. Kernel. Context Switch
System Calls and Signals: Communication with the OS Jonathan Misurda jmisurda@cs.pitt.edu System Call An operation (function) that an OS provides for running applications to use CS 1550 2077 strace./hello
More information12: Filesystems: The User View
12: Filesystems: The User View Mark Handley Goals for Long-term Information Storage 1. Store large amounts of data. 2. Information stored must survive the termination of the process using it and reboot
More informationOperating Systems Lab
Operating Systems Lab Islamic University Gaza Engineering Faculty Department of Computer Engineering Fall 2012 ECOM 4010: Operating Systems Lab Eng: Ahmed M. Ayash Lab # 4 Paths, Links & File Permissions
More informationCOE518 Lecture Notes Week 2 (Sept. 12, 2011)
C)E 518 Operating Systems Week 2 September 12, 2011 1/8 COE518 Lecture Notes Week 2 (Sept. 12, 2011) Topics Creating a cloned process with fork() Running a new process with exec...() Textbook sections
More informationCS 33. Shells and Files. CS33 Intro to Computer Systems XX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved.
CS 33 Shells and Files CS33 Intro to Computer Systems XX 1 Copyright 2017 Thomas W. Doeppner. All rights reserved. Shells Command and scripting languages for Unix First shell: Thompson shell sh, developed
More informationRCU. ò Dozens of supported file systems. ò Independent layer from backing storage. ò And, of course, networked file system support
Logical Diagram Virtual File System Don Porter CSE 506 Binary Formats RCU Memory Management File System Memory Allocators System Calls Device Drivers Networking Threads User Today s Lecture Kernel Sync
More informationComputer Security. 04r. Pre-exam 1 Concept Review. Paul Krzyzanowski. Rutgers University. Spring 2018
Computer Security 04r. Pre-exam 1 Concept Review Paul Krzyzanowski Rutgers University Spring 2018 February 15, 2018 CS 419 2018 Paul Krzyzanowski 1 Key ideas from the past four lectures February 15, 2018
More informationChapter 6. File Systems
Chapter 6 File Systems 6.1 Files 6.2 Directories 6.3 File system implementation 6.4 Example file systems 350 Long-term Information Storage 1. Must store large amounts of data 2. Information stored must
More informationData Security and Privacy. Unix Discretionary Access Control
Data Security and Privacy Unix Discretionary Access Control 1 Readings for This Lecture Wikipedia Filesystem Permissions Other readings UNIX File and Directory Permissions and Modes http://www.hccfl.edu/pollock/aunix1/filepermissions.htm
More informationCS420: Operating Systems. OS Services & System Calls
OS Services & System Calls James Moscola Department of Engineering & Computer Science York College of Pennsylvania Based on Operating System Concepts, 9th Edition by Silberschatz, Galvin, Gagne Operating
More informationAdvanced Unix System Administration Spring 2008 Homework 1 Solutions
Advanced Unix System Administration Spring 2008 Homework 1 Solutions 1. Tracing a running process. This exercise must be done on the login server. Among the files for this week s assignment is wrapper,
More informationSymlink attacks. Do not assume that symlinks are trustworthy: Example 1
Symlink attacks Do not assume that symlinks are trustworthy: Example 1 Application A creates a file for writing in /tmp. It assumes that since the file name is unusual, or because it encodes A's name or
More informationFile Descriptors and Piping
File Descriptors and Piping CSC209: Software Tools and Systems Programming Furkan Alaca & Paul Vrbik University of Toronto Mississauga https://mcs.utm.utoronto.ca/~209/ Week 8 Today s topics File Descriptors
More informationAdvanced System Security: Vulnerabilities
Advanced System Security: Vulnerabilities Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab Computer Science and Engineering Department Pennsylvania State University CSE544 -Advanced
More informationView access control as a matrix Subjects (processes/users) access objects (e.g., files) Each cell of matrix has allowed permissions
View access control as a matrix Subjects (processes/users) access objects (e.g., files) Each cell of matrix has allowed permissions 1 / 39 Specifying policy Manually filling out matrix would be tedious
More informationby Marina Cholakyan, Hyduke Noshadi, Sepehr Sahba and Young Cha
CS 111 Scribe Notes for 4/11/05 by Marina Cholakyan, Hyduke Noshadi, Sepehr Sahba and Young Cha Processes What is a process? A process is a running instance of a program. The Web browser you're using to
More informationUNIX System Calls. Sys Calls versus Library Func
UNIX System Calls Entry points to the kernel Provide services to the processes One feature that cannot be changed Definitions are in C For most system calls a function with the same name exists in the
More informationCS 355 Operating Systems. Keeping Track of Processes. When are processes created? Process States 1/26/18. Processes, Unix Processes and System Calls
CS 355 Operating Systems Processes, Unix Processes and System Calls Process User types command like run foo at keyboard I/O device driver for keyboard and screen Command is parsed by command shell Executable
More information1 / Unix protection. 2 Unix security holes. 3 Capability-based protection 3 / 39
View access control as a matrix Specifying policy Manually filling out matrix would be tedious Use tools such as groups or role-based access control: dir 1 dir 2 Subjects (processes/users) access objects
More informationFundamentals of Computer Security
Fundamentals of Computer Security Spring 2015 Radu Sion Software Errors Buffer Overflow TOCTTOU 2005-15 Portions copyright by Bogdan Carbunar and Wikipedia. Used with permission Why Security Vulnerabilities?
More informationOutline. Classic races: files in /tmp. Race conditions. TOCTTOU example. TOCTTOU gaps. Vulnerabilities in OS interaction
Outline CSci 5271 Introduction to Computer Security Day 3: Low-level vulnerabilities Stephen McCamant University of Minnesota, Computer Science & Engineering Race conditions Classic races: files in /tmp
More informationCPSC 341 OS & Networks. Processes. Dr. Yingwu Zhu
CPSC 341 OS & Networks Processes Dr. Yingwu Zhu Process Concept Process a program in execution What is not a process? -- program on a disk A process is an active object, but a program is just a file It
More informationFixing Races for Fun and Profit: How to use access(2)
Fixing Races for Fun and Profit: How to use access(2) Drew Dean Computer Science Laboratory, SRI International ddean@csl.sri.com Alan J. Hu Dept. of Computer Science, University of British Columbia ajh@cs.ubc.ca
More informationThreads. What is a thread? Motivation. Single and Multithreaded Processes. Benefits
CS307 What is a thread? Threads A thread is a basic unit of CPU utilization contains a thread ID, a program counter, a register set, and a stack shares with other threads belonging to the same process
More informationWhat is a Process? Processes and Process Management Details for running a program
1 What is a Process? Program to Process OS Structure, Processes & Process Management Don Porter Portions courtesy Emmett Witchel! A process is a program during execution. Ø Program = static file (image)
More informationVirtual File System. Don Porter CSE 306
Virtual File System Don Porter CSE 306 History Early OSes provided a single file system In general, system was pretty tailored to target hardware In the early 80s, people became interested in supporting
More informationProcesses and Threads
Processes and Threads Giuseppe Anastasi g.anastasi@iet.unipi.it Pervasive Computing & Networking Lab. () Dept. of Information Engineering, University of Pisa Based on original slides by Silberschatz, Galvin
More informationAdvanced Unix Concepts. Satyajit Rai
Advanced Unix Concepts Advanced Unix Concepts Satyajit Rai March 17, 2003 March 22, 2003 KReSIT, IIT Bombay 1 Contents Contents Advanced Unix Concepts.......... 1 Contents.................. 2 Process Creation..............
More informationThe Kernel Abstraction. Chapter 2 OSPP Part I
The Kernel Abstraction Chapter 2 OSPP Part I Kernel The software component that controls the hardware directly, and implements the core privileged OS functions. Modern hardware has features that allow
More informationProcesses. CS439: Principles of Computer Systems January 30, 2019
Processes CS439: Principles of Computer Systems January 30, 2019 What We Know Operating system complexity increased over time in response to economic and technological changes The three roles did not show
More information