Secure Coding in C and C++
ch8 - File I/O (2)

cmj
Outline
● 8.1 File I/O Basic
● 8.2 File I/O Interfaces
● 8.3 Access Control
● 8.4 File Identification
● 8.5 Race Conditions
● 8.6 Mitigation Strategies
File Identification
● File Path
○ Directory traversal
○ /home/../etc/shadow => /etc/shadow

● Exploit on FTP (VU#210409)
○ Does a sanitizing filter help?
■ It can be fooled.
■ replace(path, '../', '') on /home/....//etc leaves /home/../etc: one pass removes one "../", and the dots and slash around it form a new one.
File Identification (Cont’d)
● Equivalence errors (the same file under a name the filter does not recognise)
○ Redundant path components
■ /home/admin vs /home/./admin
○ OS-related (case-insensitive file systems)
■ /home/private vs /home/PRIVATE
○ File system-related (HFS+ named forks)
■ sample.txt/..namedfork/data
○ Wildcards
■ pathname*
File Identification (Cont’d)
● Links
○ A link can redirect a path to anywhere on the file system.
○ Powerful for good or evil.

● The exploits (177-related, 2008-2009)
○ The process can run as root but is confined to /root/.
○ How does it change /etc/shadow?
Canonicalizing
● A canonical form is easy to validate.
○ /usr/../home/rcs => /home/rcs
○ Use the OS-specific mechanism for canonicalization.
○ realpath() on POSIX

● realpath()
○ Description: expands all symbolic links and resolves references to ".", ".." and extra "/" characters in the null-terminated string to produce a canonicalized absolute pathname.
○ But: the output buffer must hold PATH_MAX bytes, and PATH_MAX is not a compile-time constant on every system; query it at run time with pathconf().
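The two File Identification points above (a single-pass "../" filter is fool-able; canonicalization is what makes a path checkable) as one added worked example. This is editor-added code, not from the slides or the book, and it assumes a POSIX system with glibc, a writable /tmp for the constructed fixture, and that passing NULL to realpath() makes it allocate the result (POSIX.1-2008), which sidesteps the PATH_MAX question the slide raises. The function names, the 4096-byte buffers and the "docs" fixture are the example's own.

```c
#define _POSIX_C_SOURCE 200809L
#define _DEFAULT_SOURCE
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* One pass of replace(path, "../", ""), as on the File Identification slide:
 * every non-overlapping occurrence is removed once, left to right, exactly
 * like Python's str.replace(). Included only to show why it is fool-able. */
void naive_strip_dotdot(char *path)
{
    char *p = path;
    while ((p = strstr(p, "../")) != NULL)
        memmove(p, p + 3, strlen(p + 3) + 1);  /* keep scanning after the removed text */
}

/* The control to use instead: join `untrusted` onto `base`, canonicalize both
 * with realpath() (symlinks, ".", ".." and duplicate '/' all resolved) and
 * accept only if the result lies inside the canonical base.
 * Returns 0 and fills `out` on success, -1 otherwise. */
int confine_to_base(const char *base, const char *untrusted, char *out, size_t outlen)
{
    char joined[4096];                 /* assumption: 4096 is enough for this demo */
    char *rbase, *rpath;
    size_t blen;
    int rc = -1;

    if (snprintf(joined, sizeof joined, "%s/%s", base, untrusted) >= (int)sizeof joined)
        return -1;
    rbase = realpath(base, NULL);
    rpath = realpath(joined, NULL);    /* NULL if any component does not exist */
    if (rbase != NULL && rpath != NULL) {
        blen = strlen(rbase);
        /* prefix match AND a '/' (or the end) right after it, so /srv/data rejects /srv/data2 */
        if (strncmp(rpath, rbase, blen) == 0
            && (rpath[blen] == '/' || rpath[blen] == '\0')
            && strlen(rpath) < outlen) {
            strcpy(out, rpath);
            rc = 0;
        }
    }
    free(rbase);
    free(rpath);
    return rc;
}

/* Builds a throwaway tree under /tmp (constructed fixture) and exercises both
 * functions. Returns how many of the 4 cases behaved as expected. */
int confine_demo(void)
{
    char tmpl[] = "/tmp/confineXXXXXX";
    char docs[4096], report[4096], escape[4096], out[4096], naive[64];
    char *root = mkdtemp(tmpl), *rreport;
    int ok = 0;

    if (root == NULL) return -1;
    snprintf(docs, sizeof docs, "%s/docs", root);
    snprintf(report, sizeof report, "%s/report.txt", docs);
    snprintf(escape, sizeof escape, "%s/escape", docs);
    mkdir(docs, 0700);
    close(open(report, O_WRONLY | O_CREAT | O_EXCL, 0600));
    symlink("..", escape);             /* a link inside the base that points outside it */

    /* 1: the slide's input survives the naive filter as a live traversal */
    strcpy(naive, "/home/....//etc");
    naive_strip_dotdot(naive);
    ok += strcmp(naive, "/home/../etc") == 0;

    /* 2: an honest relative name is accepted and returned in canonical form */
    rreport = realpath(report, NULL);
    ok += confine_to_base(docs, "./report.txt", out, sizeof out) == 0
          && rreport != NULL && strcmp(out, rreport) == 0;
    free(rreport);

    /* 3: climbing out with ".." is rejected even though every component exists */
    ok += confine_to_base(docs, "../../", out, sizeof out) == -1;

    /* 4: the symlink name contains no ".." at all, yet canonicalization exposes it */
    ok += confine_to_base(docs, "escape", out, sizeof out) == -1;

    unlink(escape); unlink(report); rmdir(docs); rmdir(root);
    return ok;
}

int main(void)
{
    printf("%d of 4 cases behaved as expected\n", confine_demo());
    return 0;
}
```

Case 4 is the one a string filter can never catch: the link name is clean, and only resolving it shows where it leads. Note that realpath() needs the target to exist, so for a file that is about to be created the check has to be applied to its parent directory instead.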
Race Conditions
● Basic example on p#451
○ uses chdir() and rmdir()

● TOCTOU (time of check, time of use)
○ The race window lies between the check and the use.
○ In that window the original object is replaced by a link.

● Create without replacing
○ Use O_CREAT together with O_EXCL.
○ or fopen(file_path, "wx")
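The "create without replacing" point as an added worked example. This is editor-added code, not from the slides or the book; it assumes Linux/glibc (O_CLOEXEC, C11 "wx" support in fopen) and a writable /tmp for the constructed fixture. The function names and the fixture file names are the example's own.

```c
#define _POSIX_C_SOURCE 200809L
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Create `path` with mode 0600. O_EXCL makes open() fail with EEXIST when
 * anything already has that name, including a symbolic link, even a dangling
 * one, so there is no separate check that an attacker could race.
 * Returns the descriptor, or -1 with errno set. */
int create_exclusive(const char *path)
{
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, S_IRUSR | S_IWUSR);
}

/* The stdio equivalent: "x" is C11's exclusive-create modifier. */
FILE *fcreate_exclusive(const char *path)
{
    return fopen(path, "wx");
}

/* Constructed fixture under /tmp; returns how many of the 4 cases behaved as expected. */
int exclusive_demo(void)
{
    char tmpl[] = "/tmp/exclXXXXXX";
    char fresh[4096], trap[4096], viastdio[4096];
    char *root = mkdtemp(tmpl);
    int ok = 0, fd;
    FILE *fp;

    if (root == NULL) return -1;
    snprintf(fresh, sizeof fresh, "%s/fresh.txt", root);
    snprintf(trap, sizeof trap, "%s/trap.txt", root);
    snprintf(viastdio, sizeof viastdio, "%s/stdio.txt", root);

    /* 1: the first creation succeeds */
    fd = create_exclusive(fresh);
    ok += fd >= 0;
    if (fd >= 0) close(fd);

    /* 2: a second creation of the same name fails with EEXIST instead of truncating */
    ok += create_exclusive(fresh) == -1 && errno == EEXIST;

    /* 3: a dangling symlink planted at the name is not followed: EEXIST again */
    symlink("/nonexistent/target", trap);   /* stand-in for a pre-placed link */
    ok += create_exclusive(trap) == -1 && errno == EEXIST;

    /* 4: fopen "wx" refuses an existing file just like O_EXCL does */
    fp = fcreate_exclusive(viastdio);
    if (fp != NULL) fclose(fp);
    ok += fp != NULL && fcreate_exclusive(viastdio) == NULL && errno == EEXIST;

    unlink(fresh); unlink(trap); unlink(viastdio); rmdir(root);
    return ok;
}

int main(void)
{
    printf("%d of 4 cases behaved as expected\n", exclusive_demo());
    return 0;
}
```

The contrast with the TOCTOU pattern is that there is no access()/stat() call before the open(): the kernel performs the existence check and the creation as one atomic operation, and EEXIST is the signal to treat as an error rather than something to retry with a plain O_CREAT.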
Race Conditions (cont’d)
● Using file locks (on Windows)
○ LockFile() / UnlockFile()
○ Shared locks: one writer, many readers
○ Exclusive locks: only one process

● Using mutexes / semaphores
● Temporary files (table 8.4)
Strategies
● Checking for links is mostly unnecessary
○ if privileges are set correctly.
○ Creating a hard or symbolic link does not alter the target's permissions.
○ A setuid program should drop privileges to the real UID.

● Strategies
○ Closing the Race Window
○ Eliminating the Race Object
○ Controlling Access to the Race Object
○ Race Detection Tools
Closing the Race Window
● General concepts for protecting a resource
○ Mutual exclusion
○ Thread-safe functions
○ Use of atomic operations

● Reopening files
○ May be necessary in a long-running application.

● Checking for symbolic links
○ If possible, use the O_NOFOLLOW flag when opening.
Eliminating the Race Object
● Know what is shared
○ Do not overlook system-supplied sharing.
○ Grant minimal access permissions.
○ Install security patches regularly.

● The race object is usually the file's directory, not the file itself.
● Use file descriptors, not file names
○ use the fxxxx() calls instead of xxxx()
■ fchown vs chown, fstat vs stat, ...
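The "descriptors, not names" rule together with the O_NOFOLLOW point from the previous slide, as one added worked example: check the object you actually opened (fstat on the descriptor) and then act on that same descriptor (fchmod), so the thing checked and the thing used cannot differ. This is editor-added code, not from the slides or the book; it assumes Linux/glibc, a writable /tmp that supports hard links, and that "regular file, owned by the expected uid, exactly one hard link" is the policy wanted here. The function names are the example's own.

```c
#define _POSIX_C_SOURCE 200809L
#define _DEFAULT_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open `path` for reading and return the descriptor only if it is a regular
 * file owned by `expected_uid` with exactly one hard link. O_NOFOLLOW makes
 * open() refuse a symbolic link in the final component (errno ELOOP).
 * A policy rejection returns -1 with errno set to EPERM. */
int open_checked(const char *path, uid_t expected_uid)
{
    struct stat st;
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_CLOEXEC);
    if (fd < 0) return -1;
    if (fstat(fd, &st) != 0) { close(fd); return -1; }  /* fstat on the fd, never stat on the name */
    if (!S_ISREG(st.st_mode) || st.st_uid != expected_uid || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;
        return -1;
    }
    return fd;
}

/* Tighten permissions through the descriptor instead of chmod(path). */
int restrict_to_owner(int fd)
{
    return fchmod(fd, S_IRUSR | S_IWUSR);
}

/* Constructed fixture under /tmp; returns how many of the 4 cases behaved as expected. */
int fd_demo(void)
{
    char tmpl[] = "/tmp/fdXXXXXX";
    char plain[4096], symlnk[4096], hard[4096];
    char *root = mkdtemp(tmpl);
    struct stat st;
    int ok = 0, fd;

    if (root == NULL) return -1;
    snprintf(plain, sizeof plain, "%s/plain.txt", root);
    snprintf(symlnk, sizeof symlnk, "%s/link.txt", root);
    snprintf(hard, sizeof hard, "%s/hard.txt", root);
    close(open(plain, O_WRONLY | O_CREAT | O_EXCL, 0644));

    /* 1: an ordinary file we own opens, and fchmod through the fd takes effect */
    fd = open_checked(plain, getuid());
    ok += fd >= 0 && restrict_to_owner(fd) == 0
          && fstat(fd, &st) == 0 && (st.st_mode & 0777) == 0600;
    if (fd >= 0) close(fd);

    /* 2: a symbolic link at the name is refused by O_NOFOLLOW */
    symlink(plain, symlnk);
    ok += open_checked(symlnk, getuid()) == -1 && errno == ELOOP;

    /* 3: once a second hard link exists, nlink != 1 and the policy rejects the file */
    ok += link(plain, hard) == 0 && open_checked(plain, getuid()) == -1 && errno == EPERM;
    unlink(hard);

    /* 4: an owner other than the expected one is rejected */
    ok += open_checked(plain, getuid() + 1) == -1 && errno == EPERM;

    unlink(symlnk); unlink(plain); rmdir(root);
    return ok;
}

int main(void)
{
    printf("%d of 4 cases behaved as expected\n", fd_demo());
    return 0;
}
```

Case 3 is why the slide says the race object is usually the directory: a second name for the same inode can only be created by someone with write access to a directory, and st_nlink on the open descriptor is how the program notices it after the fact.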
… (cont’d)
● ptrace() on UNIX
○ One process (the "tracer") may observe and control the execution of another process (the "tracee").
○ It can access all memory and register values.

● Threads (share, share, share, …)
○ System-supplied and process-supplied objects.
○ Global variables / dynamic memory.
○ Environment variables.
○ ...
Controlling Access
● At least one of the control flows must alter the state of the race object.
● Principle of least privilege
○ Avoid running with elevated privileges.
○ Drop privileges when using a shared object.
○ File creation should be restricted exclusively to the owner.
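The two least-privilege points (a setuid program drops to the real UID, from the Strategies slide; created files are restricted to the owner, from this one) as a single added worked example. This is editor-added code, not from the slides or the book; it assumes Linux/glibc (setresuid()/setresgid() need _GNU_SOURCE), a writable /tmp for the constructed fixture, and that "a non-root process can no longer seteuid(0)" is the right way to confirm the drop is permanent. Function names are the example's own.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <grp.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Set real, effective and saved IDs to the real ones so the process cannot
 * switch back later (setuid() alone may leave the saved UID privileged).
 * Groups go first: once the UID is unprivileged, setgroups() would fail.
 * Returns 0 on success, -1 otherwise. */
int drop_privileges_permanently(void)
{
    uid_t ruid = getuid();
    gid_t rgid = getgid();

    if (geteuid() == 0 && setgroups(1, &rgid) != 0) return -1;
    if (setresgid(rgid, rgid, rgid) != 0) return -1;
    if (setresuid(ruid, ruid, ruid) != 0) return -1;
    /* verify: a non-root process must now be unable to regain uid 0 */
    if (ruid != 0 && (seteuid(0) == 0 || geteuid() != ruid)) return -1;
    return 0;
}

/* Create `path` readable and writable by the owner only, independent of the
 * inherited umask, and confirm the mode through the descriptor.
 * Returns 0 if the file exists afterwards with mode exactly 0600. */
int create_owner_only(const char *path)
{
    struct stat st;
    mode_t old = umask(077);          /* clamp even if the mode argument is loosened later */
    int fd = open(path, O_WRONLY | O_CREAT | O_EXCL | O_CLOEXEC, S_IRUSR | S_IWUSR);
    int rc;
    umask(old);
    if (fd < 0) return -1;
    rc = (fstat(fd, &st) == 0 && (st.st_mode & 0777) == 0600) ? 0 : -1;
    close(fd);
    return rc;
}

/* Constructed fixture under /tmp; returns how many of the 2 steps behaved as expected. */
int least_privilege_demo(void)
{
    char tmpl[] = "/tmp/lpXXXXXX";
    char secret[4096];
    char *root = mkdtemp(tmpl);
    int ok = 0;

    if (root == NULL) return -1;
    snprintf(secret, sizeof secret, "%s/secret.txt", root);

    ok += drop_privileges_permanently() == 0;   /* no-op when already unprivileged, still verified */
    ok += create_owner_only(secret) == 0;

    unlink(secret); rmdir(root);
    return ok;
}

int main(void)
{
    printf("%d of 2 steps behaved as expected\n", least_privilege_demo());
    return 0;
}
```

Order matters in drop_privileges_permanently(): drop supplementary groups, then the GID, then the UID, and check the result rather than trusting the return codes alone. Run as an ordinary user the drop changes nothing and the regain check still passes; run setuid-root it is the step the Strategies slide asks for.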
… (cont’d)
● Secure directories
● Chroot jail
● Container virtualization
○ An advanced form of jail
○ lxc / OpenVZ on Linux
○ Virtuozzo on Windows

● Exposure
○ Avoid exposing your internal structure through an API.

● Use race detection tools
Summary
● Protecting a file is similar to protecting any shared resource
○ Atomic operations / spinlocks / mutexes / semaphores.
○ A virtualized or limited environment provides better protection.

● For file resources specifically
○ Checking and controlling a file through its descriptor is better than through its name.
○ If possible, use the exclusive flag when opening a file.
Q&A
Thanks for your attention
