Correct - the approaches work fine when race conditions are eliminated
Posted Aug 23, 2007 7:13 UTC (Thu) by Cato
In reply to: Correct - the approaches work fine when race conditions are eliminated
Parent article: Exploiting races in system call wrappers
Indeed - this model of 'copy first then check' was known as 'touch once programming' over 20 years ago, so there's little excuse for repeating this mistake again. Perhaps what's needed is smarter static analysis tools that can point out this sort of error?
Getting good performance is a challenge, but with the speed of modern CPUs I'd rather spend some CPU cycles on copying than spend many administrator hours responding to a security breach.
to post comments)