Operating Systems May Use The Following Mechanism

1537 WordsDec 16, 20167 Pages
Operating systems may use the following mechanisms to avoid attacks of this type: • Operating systems can provide sandboxes: Sandboxes are environments where a program can execute but should not affect the rest of the machine. • The trick here is, permitting limited interaction with outside while still providing the full functionality of the operating system. Or in other words, the file system can be kept out of unauthorized access and 3rd party softwares may be allowed minimum access to filesystems. Race conditions can also be a critical security issue. To illustrate such a situation, consider a privileged program that checks if a file is readable and then tries to open it as root. The attacker passes it a symbolic link, in the interval between the two operations; the attacker removes the link and replaces it with a link to a protected file. This would give him direct access to the Study of Security in Legendary Sreeyapureddy ABHIYANTRIKI: An International Journal of Engineering & Technology 53 Volume 1, Number 1, November, 2014 (44-57) protected file area and into the system. So here, an attacker takes advantage of the race condition between two operations to get access into the protected area of the operating system. The only way to overcome such attacks is to provide only atomic operations to access files and strict restrictions on their access by other users other than root. Security is not only an issue with the operating systems in desktops and laptops; the
Open Document