Answer

An Investigation of the Technical Issues Associated with Operating System’s Protection and Security

Abstract

            The increased use of computers and the rise in computer technology increases the challenges related to operating system’s security and the need for its protection. This study provides an insight into the technical issues related with operating systems protection and security. Race condition is chosen as the primary vulnerability to be considered in this case since they provide a remote attacker with an access to the local resources available in the system without the knowledge of the user. The primary elements of the race condition vulnerability are identified in this case and race condition exploits. Additionally, the study also unveils the means of protection to prevent a similar vulnerability from occurrence in the future hence intensifying the system’s security using semaphores as strategy of consideration.

Keywords: Semaphores, Deadlock, race condition

Introduction

            Computers have become a necessity in the current century. However, the computers are increasingly facing vulnerabilities since the computer systems are gradually under the threats of acts of nature or the inadvertent errors as well as the unethical and criminal activities originating from the external environment (Malatji, Sune & Marnewick, 2019). According to Sotirios (2012), security has been a major concern for the Operating system users and developers. From an informal perspective, it is evident that security of an operating system entails the act of keeping off unauthorized users from doing things that they are not supposed. The protection of the operating system entails having measures implemented in place with a primary role of keeping off the third parties from unauthorized access through authentication procedures. The authentication of the users has to be highly secures to ensure that also hackers are kept off. Windows Operating System is highly vulnerable to the security threats in comparison to the Linux OS. The increased security vulnerability evident in the case of the Windows OS is because Linux OS has a smaller user base. Additionally, it is also evident that the malwares on the Linux system lack a root access. In addition, it is evident that Linux has fast updates for the system’s vulnerabilities. Race condition refers to a privilege vulnerability which manipulates the small window of time existing between the appliance of security control and the utilization of services within a system. The vulnerability comes about due to the interferences arising from the multiple threads initiated within the system which also share the same resources. In this case, the processes can be trusted files within the OS as well as the untrusted ones (Farah, Shelim, Zaman, Hassan & Alam, 2017). Race conditions vulnerability is common within UNIX-like systems. Evidently, in this case, the /var/tmp and /tmp directories are shared between the threads available in the system (Farah et al., 2017). The focus of this research paper is to examine the race condition vulnerability experienced in operating systems, particularly the UNIX-like systems.

Methods

            This study relies on a secondary research methodology whereby already published data about race conditions vulnerability are accessed to understand the technical issue reported in the area of operating systems and security.

Results and Findings

            The study established that race condition is one of the technical vulnerability experienced in the area of operating systems security and protection. Through the published studies, it was further established that the race condition is mainly experienced in the event where the system tries to accomplish two or more operations simultaneously. The operations should be conducted in the right sequence to ensure that they are completed effectively. The study also derived that race conditions can be prevented through the use of techniques and strategies such as semaphores.

Related Works

Operating systems are faced by different security challenges (Kim, Duh, Sarhan & Hahanov, 2013). For instance, operating system support is one of the technical challenges experienced by the multimedia, distributed and real-time systems. The outdated general-purpose operating systems are not efficiently appropriate to handle continuous data. However, it is evident that in the existing OS, like UNIX, incorporated continuous media applications are associated with poor performance. Notably, the system will likely suffer from lost data and timing errors in the events where there is a synchronized system action (Sadowski, 2012). The experienced problems are mainly because of the usage of the user/kernel appliances whereby the user-level programs call the system functions. Race condition vulnerability is also a potential concern experienced by OS users.

Race conditions as a critical issue for operating system’s security and protection

            According to Rath and Anil (2012) race conditions is an example of a critical security issue associated with operating systems. A privileged program that ensures that a file is readable and seeks to open it as root can be considered to illustrate the issue of race conditions. In this case, the attacker passes the privilege program as a symbolic link existing between the interval and the two operations. Subsequently, the attacker eliminates the link and replaces it with a different file which is protected (Rath & Anil, 2012). The outcome of this action is that the attacker is provided with a direct access to the protected region on the system. As a result, the attacker takes advantage of the race condition available between the two operations to have an access to the system. Rath and Anil (2012) suggest that the only way to overcome the race conditions issue is by ensuring that only atomic operations are provided with an access files. Moreover, strict restrictions should also be attached to their access by other system users other than the root.

            A race condition is experienced in a common memory program whereby at least two threads are focused on accessing the same resource through the use of memory data and at least a single thread which effects a write operation. It is evident that the access can take place concurrently. Race conditions can take place when the common data accesses are not accurately coordinated and the implementation outcome depends on the sequence of the threads. A thread refers to a procedure of isolating the numerous applications that executes one at a time within a computer system (Rath & Anil, 2012).

Race Condition Vulnerability and its Elements

            A thread refers to a process that ensures the isolation of different applications which are executing concurrently within a computer system (Carr, Mayo & Shene, n.d). This is a program’s path execution. One of the functions of the thread is to take part in the processes execution. The OS will assign the processor time to the thread to guarantee that its tasks are executed as scheduled. Multiple threads can be contained within a single process when the execution process is taking place. The threads maintain their scheduling priorities, exception handlers, and a group of structures which the OS utilizes to save the context of the thread. Threads vary from processes based on the fact that they can share data structures and memories directly (Rath & Anil, 2012).

            A multi-thread is also an example of a race condition element. Systems are built in a way that they allow different processes to execute concurrently. For instance, drawing pictures and reading keystroke processes can be accomplished at the same time. An operating system that permits multitasking to take place makes it possible for a simultaneous execution of multiple threads to be accomplished. This is achieved by dividing the set processor time among the threads available within the process (Rath & Anil, 2012). The subdivision process is what results to multithreading. Although the threads share the process resources, the execution process take place independently. The OS ensures that the processor time is allocated to each thread uniquely, one after the other (Rouzaud-Cornabas, Patrice & Toinard, 2010). After the time allocated to a thread elapses, the second thread resumes the execution process. The threads are executed under the same program suggesting that the process of reading and writing the same memory takes place simultaneous (Rath & Anil, 2012).

Critical Section

            The critical section of a program refers to an area where the global shared memory on the system is being accessed. At this section of the code, multiple threads are executed concurrently. At the critical section, the order of the execution of the threads inflicts a variance of the synchronized executions at this point (Bishop & Dilger, 1996). While effecting numerous threads under the identical application, the manifold threads can allow the access of the same resources. The outcome of this move can include the establishment of a race condition vulnerability being experienced within the system. A critical section code in Java is shown in Figure 1 in appendix 1 below.

Race Condition Attack

            Race condition influences the check time or the gap in time experienced amid the threads existing in the critical section and hence resulting to incomprehension being experienced in the shared data (Sotirios, 2012). A race condition experienced within a transaction is shown in figure 2 in appendix 2 below.

             Within a systematic transaction, only a single application request is performed under a single thread. When experiencing a race condition issue, numerous requests are processed at the same time. On the other hand, on a normal transaction, only a distinct request is accomplished within a single thread. Under a race condition attack, numerous requests are processed within the equivalent shared data (Wei, n.d). In the case shown in the figure above, it is evident that a two withdraw request is sent in the similar thread through the use of the identical shared data with the second transfer information saved in the system. This factor was experienced because the time between TOU and TOC for the first request was long enough allowing the initiation on the processing of the second TOC and TOU (Wei, n.d). Normally, two requests available under a similar thread do not take place. Nevertheless, if vast number of requests is sent through the application within a limited time, the TOC/TOU of the threads will overlay at some instance to establish a likely race condition.

Race Condition Exploits

            Exploits associated with race condition are known to be delicate in nature. To be executed, the exploits typically require repeated attempts. Race conditions exploits occurred in internet explorer version 2011, Firefox 2007, and Windows Shortcut link 2020. Moreover, the exploits were also experienced in Linux OS where it was experienced as a Dirty copy on write (Rath & Anil, 2012).

Firefox Race Condition

            The Mozilla Firefox forms which are older than version 2.0.0.10, is susceptible to race condition attacks especially when handling the window.location. In this case, the referrer header present under the older versions of the Mozilla Firefox systems are established to the frame or window in whereby the script is being executed, rather than the content initiated by the script. This makes it possible for the spoofing of the HTTP referrer header by the remote attacker. Moreover, this also makes it possible for the attacker to bypass the referrer-based CSRF defense structures by ensuring that the window.location is set while the modal alert dialog is also used to cause the incorrect referrer to be directed over the system.

Pulse Audio Race Condition

            Pulse audio is a Linux-based sound server that is network enabled. The race condition experienced in PulseAudio version 0.9.9, 10  and 14 enables the local users to have privileges through the vectors including the formation of a hard link, associated to the application setting LD_BIND_NOW to 1, and subsequently calling execv command on the  /proc/self/exe symlink target. An individual granted with an admission to a directory available on the file structure holding the /usr/bin has the ability to exploiting the race condition vulnerability with an aim of executing the arbitrary code provided with the root privileges (Payer & Gross, 2012).

Windows Shortcut Link

            The Windows Shell Version available in Microsoft Windows XP3, Microsoft Vista SP1 and version SP2, Server 2003 SP2, Server 2008 SP2 and R2 alongside Windows server 7 enables the locally available attackers or the local system users to effect the arbitrary code through a .pif or .ink shortcut file which is not effectively handled during the icon display evident in Windows Explorer cases (Rath & Anil, 2012). The file .Ink is known to be highly susceptible to race condition since it executes the dll transferred file three times in a simultaneous manner. The prevents the accurate manipulation of the target in the cases where the payload dll strives to write any file available on the disk or attempts to access and modify any other resource available on the target’s system. According to Jurczyk and Coldwind (2013), race conditions make it possible to violate the security of a Windows –driven machine.

The Dirty Copy on Write also known as COW

Dirty COW, also referred to as Dirty Copy on Write, refers to a Race condition vulnerability available on the Linux-based systems. This vulnerability enables the attacker to intensify the protection of the file system available on the Linux Kernel to obtain the root privilege hence making it possible for the entire system to be compromised (Farah, Rahman, Hossain, Alam & Zaman, 2017). The Dirty COW exploit calls the source file in the system in the read only format. Through the utilization of the mmap function, the creation of a new virtual space is facilitated hence making it possible for the file to be transformed. Subsequently, the MAP PRIVATE label is utilized to generate a duplicate of the primary source file. At each instance where the exploit is run, a copy of the original root file is established. This makes it possible to make changes to the file as required by the attacker. Using the madviseThread function, locating the memory address range provided for the core source file is facilitated. The function “procselfmemThread” is utilized to cheat the system in trusting that the memory series of the primary source file and the write the duplicate file is empty hence ensuring that an access is gained (Farah et al., 2017).

Internet Explorer Race Condition

            Microsoft Internet Explorer versions 6 to 8 are known to be vulnerable to race condition attacks. The OS versions permits the potential attackers to execute the subjective code or result to a denial of service (DOS) attack experienced in the system. This situation is also referred to as a Window Open Race Condition Vulnerability (Rath & Anil, 2012). In this case, the attacker comes up with a webpage composed of a malicious code and when the site is accessed, an exploitation process occurs (Rath & Anil, 2012). This form of attack is the same as the cross scripting attack.

Preventing Race Condition Vulnerabilities

            The primary resolution of a race condition is to guarantee that the program is provided with special privileges to shared data to ensure a locking capacity. Handling locks accurately is considered a difficult process. However, with the Semaphore system, synchronizing the locks becomes possible. Technological advancement has made it possible to address instances of computer security (Zareen, Akram & Shoab, 2020).

Semaphore

            A semaphore refers to a thread management system which can be utilized to direct signals between the threads with an aim of avoiding missed signals or preventing critical section instances (Malatji, Sune & Marnewick, 2019). A semaphore can serve as a gateway to the critical section. The gate rank can either be lowered or raised. If a thread focuses on access data through a critical section, the operation P is executed. If gate is opened, the process finds its way in and the gate later closes after the entry. Semaphore ensures that only a single thread obtains an access to the data available at the critical section at a time. Figure 3 in appendix 3 below provides an insight into the Semaphore java code.

Semaphore is furthermore utilized to reduce the amount of threads permitted within a code’s position. A deadlock is one of the common problems of a lock. In this case, the programs are stuck as they wait for each other to release the locked resource (Rath & Anil, 2012). Most of the deadlocks can be barred by ensuring that all the threads acquire the locks within the similar order.

Deadlock

            A deadlock is experienced in the events where two threads each lock dissimilar variables simultaneously and later attempt to lock the variable that was already locked by a varied thread. In this case, every thread stops and waits for the former to release the locked resource. However, since every thread is holding the variable required by the other, no process takes place thus ensuring that each remains deadlocked (Do-Mai, Diep & Thoai, 2016). Race conditions exceptions refer to unconstrained exceptions which take place only during runtime and are undetectable by the compiler. With an aim of preventing the race conditions exceptions, synchronized block should be utilized around the shared resources with an aim of preventing the multiple accesses likely to be experienced at a time.

Conclusion

            Conclusively, race conditions vulnerability is an example of an attack experienced within operating systems. Race conditions have several components such as the thread, multithread and critical section. Different operating system applications are vulnerable to the race conditions attack such as the Internet Explorer and Firefox web browsers. In addition, various versions of Linux and Windows OS are known to be at a risk of race condition attack. This form of vulnerability is mainly experienced in the system because of lack of the programmer’s knowledge.

succeeding like their normal counterparts[] ]