Secure Software Design - Race Conditions Flashcards

1
Q

What is a race condition?

A

A situation where a program’s output depends on the timing of uncontrollable events.

2
Q

Fill in the blank: Race conditions often occur due to ______ in resource handling timing.

A

Gaps

3
Q

Explain the Time-of-Check to Time-of-Use (TOCTOU) vulnerability.

A

A race condition where attackers exploit the time gap between checking a resource and using it to manipulate access or data.

4
Q

What is a common exploit method for TOCTOU attacks?

A

Changing file links or permissions between the check and use stages, like using symbolic links.

5
Q

Describe an example of a TOCTOU attack using a symbolic link.

A

An attacker changes a file from a safe location (e.g., /tmp/xxx) to a symbolic link pointing to /etc/passwd during the access gap.

6
Q

Why are atomic operations important in preventing TOCTOU attacks?

A

They make check-and-use inseparable, eliminating the timing gap that allows race conditions.

7
Q

Fill in the blank: TOCTOU vulnerabilities are commonly mitigated by making operations ______.

A

Atomic

8
Q

What is the Dirty COW vulnerability?

A

A Linux kernel race condition that exploits Copy-On-Write behavior in memory mapping, allowing unauthorized file modification.

9
Q

How does the Dirty COW exploit Copy-On-Write?

A

It uses a race condition between memory management operations to write directly to a supposedly read-only file.

10
Q

Give an example of the target file for a Dirty COW attack.

A

The /etc/passwd file, which controls user privileges.

11
Q

Fill in the blank: Dirty COW attacks leverage the timing gap in the ______ process of memory mapping.

A

Copy-On-Write (COW)

12
Q

What is the purpose of using MAP_SHARED in memory mapping?

A

It allows multiple processes to share updates to the same physical memory, making changes immediately visible.

13
Q

How does the MAP_PRIVATE option in mmap differ from MAP_SHARED?

A

MAP_PRIVATE creates a private copy when a process writes, so changes aren’t visible to other processes.

14
Q

Explain the function of madvise with MADV_DONTNEED in Dirty COW attacks.

A

It discards the private copy of mapped memory, forcing access back to the original physical memory.

15
Q

Fill in the blank: The principle of ______ recommends minimizing program privileges to what is necessary for the task.

A

Least privilege

16
Q

Why is the principle of least privilege critical in mitigating race condition risks?

A

It limits the level of access a program has, reducing the impact of potential race condition exploits.

17
Q

List one system setting that helps prevent symbolic link TOCTOU attacks.

A

Sticky symlink protection in world-writable directories like /tmp.

18
Q

Explain sticky symlink protection.

A

This protection prevents symbolic links in world-writable directories from being followed if they’re owned by different users.

19
Q

What does ‘repeated checks’ mean as a race condition countermeasure?

A

Performing multiple checks on a resource and verifying consistency to reduce the chance of a race condition.

20
Q

Fill in the blank: The ______ option with O_CREAT in the open() function prevents TOCTOU by ensuring atomic file creation.

A

O_EXCL

21
Q

How does comparing file inodes help detect race conditions?

A

It ensures that the file accessed remains the same throughout the operation, flagging inconsistencies if the file changes.

22
Q

Why is it important to patch the Linux kernel for vulnerabilities like Dirty COW?

A

Kernel patches fix race conditions and prevent attackers from exploiting timing gaps in critical operations.

23
Q

Describe how the principle of least privilege applies to file access in race conditions.

A

Programs should temporarily reduce privileges during non-critical operations to prevent unauthorized access.

24
Q

What is the purpose of using ‘sticky bits’ in directories like /tmp?

A

They prevent users from modifying or deleting each other’s files, reducing the risk of race conditions in shared directories.

25
Q

Fill in the blank: Atomic operations are crucial for preventing ______ in TOCTOU vulnerabilities.

A

Timing gaps or windows

26
Q

Why is it important to use absolute paths in security-sensitive programs?

A

Using absolute paths ensures consistent file access and prevents path manipulation by attackers.

27
Q

Explain the use of the MAP_SHARED option in inter-process communication.

A

It allows processes to share and immediately see each other’s changes in a mapped memory region.

28
Q

What is the risk of using MAP_PRIVATE without understanding Copy-On-Write?

A

Changes are isolated to a private copy, but a race condition can still manipulate memory before the copy occurs.

29
Q

Describe an attack method that involves both memory mapping and symbolic links.

A

An attacker could map memory and use symbolic links to redirect operations to privileged files during a race condition.

30
Q

What role does memory mapping play in the Dirty COW vulnerability?

A

It allows unauthorized memory writes by exploiting timing gaps in the Copy-On-Write process.