Results 1 to 1 of 1
Thread: Security hole by Race condition
LinkBack URL
About LinkBacks- 03-24-2010, 04:10 AM #1
Member
- Join Date
- Jan 2010
- Posts
- 25
- Rep Power
- 0
Security hole by Race condition
ftp://ftp.software.ibm.com/common/ss...W14198USEN.PDF
May someone explain more about that situatione. Race conditions
Two processes might share control or data. Race conditions isthe term applied to compromising this sharing, which typicallyresults from synchronization errors, when the potential existsfor process conflicts, and a resulting vulnerability. A typicalexploit interrupts a pair of sequential calls that are meant to beperformed automatically without interruption by anotherthread or process on the machine with a third process.
One example is the combined checking of access rights to afile, followed by a subsequent call to write or read that file. Byinterrupting the process between the two calls, an attacker canrewrite or modify the file because this behavior is expected.The attacker can place inappropriate information into a file,or perhaps access an inappropriate file.
Reply With QuoteSimilar Threads
-
IF-Condition in a String
By lenaz in forum Advanced JavaReplies: 1Last Post: 07-18-2009, 12:07 PM -
Simple Text race game
By Inf1nity in forum New To JavaReplies: 2Last Post: 03-16-2009, 03:46 PM -
JFrame (closing under a condition)
By Java Tip in forum Java TipReplies: 0Last Post: 03-12-2008, 11:17 AM -
problem with using string in if condition
By sireesha in forum New To JavaReplies: 2Last Post: 11-20-2007, 10:40 PM -
difference between code based security and role based security
By boy22 in forum New To JavaReplies: 1Last Post: 07-23-2007, 11:59 PM
Bookmarks