123ArticleOnline Logo
Welcome to 123ArticleOnline.com!
ALL >> Computers >> View Article

What Is A Race Condition?

Profile Picture
By Author: Barbara Jones
Total Articles: 3764
Comment this article
Facebook ShareTwitter ShareGoogle+ ShareTwitter Share

A race condition occurs when multiple processes access and manipulate the same data concurrently, and the outcome of the execution depends on the particular order in which the access takes place.

A race condition is of interest to a hacker when the race condition can be utilized to gain privileged system access.

Consider the following code snippet which illustrates a race condition:

if(access("/tmp/datafile",R_OK)==0){
fd=open("/tmp/datafile
process(fd);
close(fd);

This code creates the temporary file /tmp/datafile and then opens it.

The potential race condition occurs between the call to access() and the call to open().

If an attacker can replace the contents of /tmp/datafile between the access() and open() functions, he can manipulate the actions of the program which uses that datafile. This is the race.

It can be difficult to exploit a race condition, because you may have to "run the race" many times before you "win." You may have to run the vulnerable program and the vulnerability testing tool thousands of times before you ...
... get the expolit code to execute after the vulnerability opens and before the vulnerability closes. It is sometimes possible to give the attack an extra edge by using `nice` to lower the priority of the legitimate suid program.

Improper use of the function calls access(), chown(), chgrp(), chmod(), mktemp(), tempnam(), tmpfile(), and tmpnam() are the normal causes of a race condition.

Total Views: 388Word Count: 245See All articles From Author

Add Comment

Computers Articles

1. Custom Website Development Services
Author: brainbell10

2. Enhance Storage Conditions With Warehouse Humidity Monitor And Probe Monitoring Solutions For Greater Environmental Control
Author: Chris Miller

3. How Telecom Networks Are Being Built Smarter — One Data Point At A Time
Author: Itech Lance

4. Mobile Threat Management Market: Enabling Secure And Connected Workforces
Author: Umangp

5. Expand Your Business With Ipad App Development
Author: brainbell10

6. Laptop Screen Replacement In Dubai
Author: majid computer

7. Edc Systems With Strong Etmf Integration And External Connectivity For Cros And Sponsors
Author: Giselle Bates

8. From 3d Data To Clear Plans: Point Cloud To Cad Help From Itechlance It Pvt. Ltd
Author: Itech Lance

9. Future Of Digital World Drones Or Mobile Apps
Author: brainbell10

10. User And Entity Behavior Analytics (ueba) Market: The Key To Managing Third-party Cyber Risks
Author: Umangp

11. Buy Epson Tm-t88vi Receipt Printer With Warranty
Author: prime pos

12. Food Delivery Mobile App Development Cost & Features
Author: brainbell10

13. Cell Phone Repair Near Me | Fast & Trusted Service
Author: Real Mobile Repair

14. 00al556 Ibm 550-watts Platinum Power Supply For X3650 M4: Reliable And Energy-efficient Power For Enterprise Servers
Author: Server Tech Central

15. Iot Identity And Access Management (iam) Market : Driving Secure Innovation In Connected Ecosystems
Author: Umangp

Login To Account
Login Email:
Password:
Forgot Password?
New User?
Sign Up Newsletter
Email Address: