[index] [text page] [<<start] [<prev] [next>] [last>>]
Page 16: Race conditions

Page 16

  
  Race conditions
  A race condition is a vulnerability where an assumption may be false by the time it is acted upon.
  Examples
  Check if a file exists, and create it if it isn't there.
  Check if a file is owned by a particular user, and then do something with it.
  Often can be avoided by
  Using atomic functions / calls.
  Using locking mechanisms.
  Operating on an open handle, rather than a filename.

Copyright 2003, Bri Hatch of Onsight, Inc.

Presented at SPUG, 2003.

Presentation created using vim and MagicPoint.