A race condition is an undesirable situation that occurs when system attempts to perform two or more operations at the same time, but because of the nature of the system, the operations must be done in the proper sequence in order to be done correctly.
In this example, we provide a vulnerable setuid program. You can use race condition to attack this program to get some unauthorized privilege.
For example, if the procedure of a program to read a file is 1) to check the write permission 2) read it, we can take advantage of context switch between 1) and 2) to let this program check the permission of A while reading B.
This has been depicted in the video:
Feel free to ping me at prashantsavior@gmail.com for your queries.
No comments:
Post a Comment