|
Symlink Race
A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program). It is called a " race" because in its typical manifestation, the program checks to see if a file by that name already exists; if it does not exist, the program then creates the file. An attacker must create the link in the interval between the check and when the file is created. A symlink race can happen with antivirus products that decide they will quarantine or delete a suspicious file, and then go ahead and do that. During the interval between decision and action, malicious software can replace th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Vulnerability (computer Science)
Vulnerabilities are flaws or weaknesses in a system's design, implementation, or management that can be exploited by a malicious actor to compromise its security. Despite a system administrator's best efforts to achieve complete correctness, virtually all hardware and software contain bugs where the system does not behave as expected. If the bug could enable an attacker to compromise the confidentiality, integrity, or availability of system resources, it can be considered a vulnerability. Insecure software development practices as well as design factors such as complexity can increase the burden of vulnerabilities. Vulnerability management is a process that includes identifying systems and prioritizing which are most important, scanning for vulnerabilities, and taking action to secure the system. Vulnerability management typically is a combination of remediation, mitigation, and acceptance. Vulnerabilities can be scored for severity according to the Common Vulnerability Scori ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Unix
Unix (, ; trademarked as UNIX) is a family of multitasking, multi-user computer operating systems that derive from the original AT&T Unix, whose development started in 1969 at the Bell Labs research center by Ken Thompson, Dennis Ritchie, and others. Initially intended for use inside the Bell System, AT&T licensed Unix to outside parties in the late 1970s, leading to a variety of both academic and commercial Unix variants from vendors including University of California, Berkeley ( BSD), Microsoft (Xenix), Sun Microsystems ( SunOS/ Solaris), HP/ HPE ( HP-UX), and IBM ( AIX). The early versions of Unix—which are retrospectively referred to as " Research Unix"—ran on computers such as the PDP-11 and VAX; Unix was commonly used on minicomputers and mainframes from the 1970s onwards. It distinguished itself from its predecessors as the first portable operating system: almost the entire operating system is written in the C programming language (in 1973), which allows U ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Mkstemp
In computing, mkstemp is a POSIX function for creating a temporary file (a computer file which usually ceases to exist when the program, which opened the file, closes it or terminates). It accepts an argument that determines the location of the temporary file, and the prefix of its generated filename. After mkstemp was added to the Single UNIX Specification, the function tmpnam() was deprecated, because the latter carried the risk that a temporary file with the same name could be created by another thread or process within the time from when the caller obtains the temporary filename and attempts to create it. mkstemp does not suffer from this problem. Usage Inclusion ; C #include // per IEEE Std 1003.1, 2004 #include // for "legacy" systems ; C++ #include // per IEEE Std 1003.1, 2004 #include // for "legacy" systems Declaration int mkstemp(char* template); Requirements * The parameter template must be a modifiable, null-terminated character array. * The contents of ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
C Standard Library
The C standard library, sometimes referred to as libc, is the standard library for the C (programming language), C programming language, as specified in the ISO C standard.International Organization for Standardization, ISO/International Electrotechnical Commission, IEC (2018). ''C17 (C standard revision), ISO/IEC 9899:2018(E): Programming Languages - C §7'' Starting from the original ANSI C standard, it was developed at the same time as the C POSIX library, which is a superset of it. Since ANSI C was adopted by the International Organization for Standardization, the C standard library is also called the ISO C library. The C standard library provides macro (computer science), macros, Data type, type definitions and Function (computer programming), functions for tasks such as character string (computer science), string manipulation, mathematical computation, input/output processing, memory management, and input/output. Application programming interface (API) Header files The ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
POSIX
The Portable Operating System Interface (POSIX; ) is a family of standards specified by the IEEE Computer Society for maintaining compatibility between operating systems. POSIX defines application programming interfaces (APIs), along with command line shells and utility interfaces, for software compatibility (portability) with variants of Unix and other operating systems. POSIX is also a trademark of the IEEE. POSIX is intended to be used by both application and system developers. As of POSIX 2024, the standard is aligned with the C17 language standard. Name Originally, the name "POSIX" referred to IEEE Std 1003.1-1988, released in 1988. The family of POSIX standards is formally designated as IEEE 1003 and the ISO/IEC standard number is ISO/ IEC 9945. The standards emerged from a project that began in 1984 building on work from related activity in the ''/usr/group'' association. Richard Stallman suggested the name ''POSIX'' to the IEEE instead of the former ''IEEE-IX''. Th ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Superuser
In computing, the superuser is a special user account used for system administration. Depending on the operating system (OS), the actual name of this account might be root, administrator, admin or supervisor. In some cases, the actual name of the account is not the determining factor; on Unix-like systems, for example, the user with a user identifier (UID) of zero is the superuser .e., uid=0 regardless of the name of that account; and in systems which implement a r model, any user with the role of superuser (or its synonyms) can carry out all actions of the superuser account. The principle of least privilege recommends that most users and applications run under an ordinary account to perform their work, as a superuser account is capable of making unrestricted, potentially adverse, system-wide changes. Unix and Unix-like In Unix-like computer OSes (such as Linux), ''root'' is the conventional name of the user who has all rights or permissions (to all files and programs) in all mod ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Rlogin
The Berkeley r-commands are a suite of computer programs designed to enable users of one Unix system to log in or issue commands to another Unix computer via TCP/IP computer network. The r-commands were developed in 1982 by the Computer Systems Research Group at the University of California, Berkeley, based on an early implementation of TCP/IP (the protocol stack of the Internet). The CSRG incorporated the r-commands into their Unix operating system, the Berkeley Software Distribution (BSD). The r-commands premiered in BSD v4.1. Among the programs in the suite are: (remote copy), (remote execution), (remote login), (remote shell), , , and (remote who). The r-commands were a significant innovation, and became ''de facto'' standards for Unix operating systems. With wider public adoption of the Internet, their inherent security vulnerabilities became a problem, and beginning with the development of Secure Shell protocols and applications in 1995, its adoption entirely sup ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Account (computing)
A user is a person who uses a computer or network service. A user often has a user account and is identified to the system by a username (or user name). Some software products provide services to other systems and have no direct end users. End user End users are the ultimate human users (also referred to as operators) of a software product. The end user stands in contrast to users who support or maintain the product such as sysops, database administrators and computer technicians. The term is used to abstract and distinguish those who only use the software from the developers of the system, who enhance the software for end users. In user-centered design, it also distinguishes the software operator from the client who pays for its development and other stakeholders who may not directly use the software, but help establish its requirements. This abstraction is primarily useful in designing the user interface, and refers to a relevant subset of characteristics that most exp ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Computer File
A computer file is a System resource, resource for recording Data (computing), data on a Computer data storage, computer storage device, primarily identified by its filename. Just as words can be written on paper, so too can data be written to a computer file. Files can be shared with and transferred between computers and Mobile device, mobile devices via removable media, Computer networks, networks, or the Internet. Different File format, types of computer files are designed for different purposes. A file may be designed to store a written message, a document, a spreadsheet, an Digital image, image, a Digital video, video, a computer program, program, or any wide variety of other kinds of data. Certain files can store multiple data types at once. By using computer programs, a person can open, read, change, save, and close a computer file. Computer files may be reopened, modified, and file copying, copied an arbitrary number of times. Files are typically organized in a file syst ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Antivirus
Antivirus software (abbreviated to AV software), also known as anti-malware, is a computer program used to prevent, detect, and remove malware. Antivirus software was originally developed to detect and remove computer viruses, hence the name. However, with the proliferation of other malware, antivirus software started to protect against other computer threats. Some products also include protection from malicious URLs, Spam (electronic), spam, and phishing. History 1971–1980 period (pre-antivirus days) The first known computer virus appeared in 1971 and was dubbed the "Creeper (program), Creeper virus". This computer virus infected Digital Equipment Corporation's (Digital Equipment Corporation, DEC) PDP-10 mainframe computers running the TENEX (operating system), TENEX operating system. [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
Time-of-check To Time-of-use
In software development, time-of-check to time-of-use (TOCTOU, TOCTTOU or TOC/TOU) is a class of software bugs caused by a race condition involving the ''checking'' of the state of a part of a system (such as a security credential) and the ''use'' of the results of that check. TOCTOU race conditions are common in Unix between operations on the file system, but can occur in other contexts, including local sockets and improper use of database transactions. In the early 1990s, the mail utility of BSD 4.3 UNIX had an exploitable race condition for temporary files because it used the mktemp() function. Early versions of OpenSSH had an exploitable race condition for Unix domain sockets. They remain a problem in modern systems; as of 2019, a TOCTOU race condition in Docker allows root access to the filesystem of the host platform. In the 2023 Pwn2Own competition in Vancouver, a team of hackers were able to compromise the gateway in an updated Tesla Model 3 using this bug. Example ... [...More Info...] [...Related Items...] OR: [Wikipedia] [Google] [Baidu] |
