Linux Today: Linux News On Internet Time.

developerWorks: Preventing Race Conditions

Oct 12, 2004, 08:30 (0 Talkback[s])
(Other stories by David A. Wheeler)

[ Thanks to David A. Wheeler for this link. ]

"Using a stolen password, Mallory managed to log into an important server running Linux. The account was a very limited account, but Mallory knew how to cause trouble with it. Mallory installed and ran a trivial program with very odd behavior--it quickly created and removed many different symbolic link files in the /tmp directory, using a multitude of processes. (A symbolic link file, also called a symlink, is simply a file that when accessed redirects the requester to another file.) Mallory's program kept creating and removing many different symlinks pointing to the same special file: /etc/passwd, the password file.

"One of the security precautions on this important server was that every day it ran Tripwire--specifically, the older version 2.3.0. Tripwire is a security program that detects tampering of important files. As Tripwire started up it tried to create a temporary file, as many programs do..."

Complete Story

Related Stories: