STING: Finding Name Resolution Vulnerabilities in Programs
STING: Finding Name Resolution Vulnerabilities in Programs
Hayawardh Vijayakumar, Joshua Schiffman,Trent Jaeger Systems and Internet Infrastructure Security (SIIS) Lab
Computer Science and Engineering Department Pennsylvania State University
Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012
Page 1
Name Resolution
? Processes often use names to obtain access to system resources
? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)
! Filesystem, System V IPC, ...
P
/
var mail root
Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012
Page 2
Name Resolution
? Processes often use names to obtain access to system resources
? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)
! Filesystem, System V IPC, ...
P
open("/var/ mail/root")
/
Name (filename)
Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012
var mail root
Page 2
Name Resolution
? Processes often use names to obtain access to system resources
? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)
! Filesystem, System V IPC, ... Namespace (filesystem)
P
open("/var/ mail/root")
/
Name (filename)
Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012
var mail root
Page 2
Name Resolution
? Processes often use names to obtain access to system resources
? A nameserver (e.g.,OS) performs name resolution using namespace bindings (e.g., directory) to convert a name (e.g., filename) into a system resource (e.g., file)
! Filesystem, System V IPC, ... Namespace (filesystem)
P
open("/var/ mail/root")
Name (filename)
Systems and Internet Infrastructure Security Laboratory (SIIS) Friday, August 10, 2012
/
var mail
Bindings (directories)
root
Page 2
................
................
In order to avoid copyright disputes, this page is only a partial summary.
To fulfill the demand for quickly locating and searching documents.
It is intelligent file search solution for home and business.
Related download
- unix password security ten years later springer
- security related commands in unix syracuse university
- answers to even numbered exercises 4
- part 1 race condition vulnerability lab
- linux shadow password howto linux documentation project
- answers to even numbered exercises 6 sobell
- linux command line cheat sheet
- uunniixx lliinnuuxx rreegguullaarr
- subjects processes users access objects e g files
- linux from scratch howto mit
Related searches
- finding one s passion in life
- name of ministers in ghana
- name every city in europe quiz
- change name of column in python
- finding a literary agent in usa
- name of movie in a sentence
- name of symbols in english
- name the months in a year
- how to name a sheet in excel
- name of prisons in mississippi
- name a column in r
- name some values in life