• Main Menu
  • Race Condition


    A race condition occurs when multiple processes access and manipulate the same data concurrently, and the outcome of the execution depends on the particular order in which the access takes place.

    A race condition is of interest to a hacker when the race condition can be utilized to gain privileged system access.

    Consider the following code snippet which illustrates a race condition:

    if(access("/tmp/datafile",R_OK)==0){
    	fd=open("/tmp/datafile
     process(fd);
     close(fd);
    

    This code creates the temporary file /tmp/datafile and then opens it.

    The potential race condition occurs between the call to access() and the call to open(). If an attacker can replace the contents of /tmp/datafile between the access() and open() functions, he can manipulate the actions of the program which uses that datafile. This is the race.

    Race Condition

    It can be difficult to exploit a race condition, because you may have to "run the race" many times before you "win." You may have to run the vulnerable program and the vulnerability testing tool thousands of times before you get the expolit code to execute after the vulnerability opens and before the vulnerability closes. It is sometimes possible to give the attack an extra edge by using `nice` to lower the priority of the legitimate suid program.

    Improper use of the function calls access(), chown(), chgrp(), chmod(), mktemp(), tempnam(), tmpfile(), and tmpnam() are the most common causes of race conditions.

    Got Something To Say:

    Your email address will not be published. Required fields are marked *

    3 comments
    1. gakumba geoffrey

      21 July, 2011 at 7:33 am

      apologise me,this is not a comment but is a problem.
      can we have some programming code in java,c,c++ or any other programming languange to  help us with a huge understanding please?

      Reply
    2. Rapelang

      8 April, 2011 at 9:03 am

      One way to prevent a race condition is never to run the producer and consumer concurrently. Explain why this is not the best solution?

      Reply
    3. Nametso Lewaneka

      28 February, 2011 at 1:46 pm

      how do one create two ascending and two descending ships as different theads? First create the canal lock where the ships passes.

      Reply
    Secure Programming
    174 queries in 0.515 seconds.