STING: Finding Name Resolution Vulnerabilities in Programs

STING: Finding Name Resolution Vulnerabilities in Programs

Hayawardh Vijayakumar, Joshua Schiffman,Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab

Computer Science and Engineering Department Pennsylvania State University

Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012

Page 1

Name Resolution

? Processes often use names to obtain access to system resources

? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)

! Filesystem, System V IPC, ...

P

/

var mail root

Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012

Page 2

Name Resolution

? Processes often use names to obtain access to system resources

? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)

! Filesystem, System V IPC, ...

P

open("/var/ mail/root")

/

Name (filename)

Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012

var mail root

Page 2

Name Resolution

? Processes often use names to obtain access to system resources

? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)

! Filesystem, System V IPC, ... Namespace (filesystem)

P

open("/var/ mail/root")

/

Name (filename)

Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012

var mail root

Page 2

Name Resolution

? Processes often use names to obtain access to system resources

? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)

! Filesystem, System V IPC, ... Namespace (filesystem)

P

open("/var/ mail/root")

Name (filename)

Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012

/

var mail

Bindings (directories)

root

Page 2

................
................

In order to avoid copyright disputes, this page is only a partial summary.

Google Online Preview   Download

To fulfill the demand for quickly locating and searching documents.

It is intelligent file search solution for home and business.

Literature Lottery

Related download
Related searches

©2024 5y1.org, Inc. All rights reserved.