You also want an ePaper? Increase the reach of your titles
YUMPU automatically turns print PDFs into web optimized ePapers that Google loves.
}<br />
}<br />
printf("Opening <strong>of</strong> file authorized !\n");<br />
//Opening <strong>of</strong> file<br />
if( (fd = open(av[1], O_APPEND|O_WRONLY) ) == -1){<br />
perror(NULL);<br />
exit(4);<br />
}<br />
printf("Writing ....\n");<br />
//Writing in the file<br />
if( write(fd,av[2], strlen(av[2])) == -1 )<br />
perror(NULL);<br />
close(fd);<br />
The countermeasure<br />
The one countermeasure that immediately comes to mind for this type <strong>of</strong> attack is the locking <strong>of</strong> files,<br />
in other words to place a lock when an application has access to a file in order to prevent another<br />
application from having access to the same file.<br />
One might think <strong>of</strong> using semaphores as they can block access to data that will remain inaccessible<br />
until they are ready.<br />
A more complicated remedy could be to establish a diamond that would be the only one to be able to<br />
have access to the files; this diamond could not be bypassed during the opening <strong>of</strong> a file. When an<br />
application requests such an opening, it would ask this diamond that it effectively open the file and<br />
take care to note that the file is open, so that if another application were to ask for the opening <strong>of</strong> the<br />
same file, the diamond would refuse, the consequence being to refuse any competing opening <strong>of</strong> files.<br />
Finally, the countermeasure we suggest is a most simple one and it is also very efficient...<br />
All that has to be done actually is to modify the order <strong>of</strong> the instructions. So we will start by opening the<br />
file and we take good care to lock it to prevent any other actions on it. We then check the user's rights,<br />
and once that is done we take <strong>of</strong>f the security lock and then proceed to write in data.<br />
This way, we avoid encountering a problem <strong>of</strong> the “race condition” type.<br />
The <strong>Hack</strong>ademy DMP -163/209- SYSDREAM