Vulnerability Development mailing list archives
Re: Temp File Race Conditions
From: Crispin Cowan <crispin () WIREX COM>
Date: Sat, 10 Mar 2001 12:51:14 -0800
Barry Russell wrote:
Does anyone know of any texts that talk about temp file race conditions?
The canonical paper on race vulnerabilities is Matt Bishops's "Checking for Race Conditions in File Accesses", published in USENIX Computing Systems, Spring 1996, and available here http://olympus.cs.ucdavis.edu/~bishop/scriv/index.html Matt is writing a security text, and it seems likely that he'd address the issue in his new book. I don't know when the book will be released. Immunix is building a tool called "RaceGuard". A paper has been submitted to USENIX Security for review, and we expect to release the code later this spring. Crispin -- Crispin Cowan, Ph.D. Chief Research Scientist, WireX Communications, Inc. http://wirex.com Free Hardened Linux Distribution: http://immunix.org
Current thread:
- Temp File Race Conditions Barry Russell (Mar 10)
- Re: Temp File Race Conditions Crispin Cowan (Mar 10)
- <Possible follow-ups>
- Re: Temp File Race Conditions Yosi (Mar 11)