Download as PDF, PPTX
Uploaded byChia-Hao Tsai
Security coding c and c++ ch8 (1)
This document discusses secure coding practices for file input/output in C and C++. It covers file I/O basics like file system structures and types, as well as common interfaces for file I/O like stdio.h and iostream. It also discusses access control using UNIX permissions and user IDs. Potential vulnerabilities are outlined, such as setuid programs running with elevated privileges that could allow accessing unintended files if exploited. The document is an outline for a chapter that will continue discussing additional topics like race conditions and mitigation strategies for secure file I/O.
More Related Content
![[ETHCon Korea 2019] Kim jiyun 김지윤](https://cdn.slidesharecdn.com/ss_thumbnails/kimjiyun-190602030349-thumbnail.jpg?width=640&height=640&fit=bounds)
Similar to Security coding c and c++ ch8 (1)
![[2019.05] HST - RegEx 101 ~ 1001](https://cdn.slidesharecdn.com/ss_thumbnails/2019-190511134247-thumbnail.jpg?width=640&height=640&fit=bounds)
![[2019.02.16] hst - orm](https://cdn.slidesharecdn.com/ss_thumbnails/2019-190216160351-thumbnail.jpg?width=640&height=640&fit=bounds)
![[2019.01.12] hst iptables 101 to 301](https://cdn.slidesharecdn.com/ss_thumbnails/2019-190115125254-thumbnail.jpg?width=640&height=640&fit=bounds)
![[2018.12.15] hst python object 102](https://cdn.slidesharecdn.com/ss_thumbnails/2018-181226015614-thumbnail.jpg?width=640&height=640&fit=bounds)
![[2018.11.16] Python Object 101](https://cdn.slidesharecdn.com/ss_thumbnails/2018-181119022658-thumbnail.jpg?width=640&height=640&fit=bounds)
![[2017.03.18] hst binary training part 1](https://cdn.slidesharecdn.com/ss_thumbnails/2017-170324055826-thumbnail.jpg?width=640&height=640&fit=bounds)
Security coding c and c++ ch8 (1)
- 1. Secure Coding inC and C++ ch8 - File I/O (1) cmj
- 2. Outline ● 8.1 FileI/O Basic ● 8.2 File I/O Interfaces ● 8.3 Access Control ● 8.4 File Identification ● 8.5 Race Conditions ● 8.6 Mitigation Strategies
- 3. File I/O Basic ●What’s the file system? ○ A hierarchical structure which non-terminal nodes are directory and terminal nodes are files. ● Many file systems ○ Older system: MS-DOS, ext2 ○ journaling file system: ext4 ○ Distributed File System: gluster, GFS, Ceph ○ Network File System: SMB, AFP ● Special Files ○ Regular File / Directory / Link ○ Pipe / Socket ○ Char device / Block device
- 4. File I/O Interfaces ●File I/O need <stdio.h> in C ○ Byte or char type I/O ○ Wide-character type I/O ● Using <iostream> in C++ ○ Wide-character use wifstream/wofstream/wiofstream/wfstream
- 5. File I/O Interfaces(Cont’d) ● Data Stream ○ FILE * ○ fopen: mode (r/w/a/b/+) ○ w is added in C11 ■ Failed if file is already existed. ● POSIX way ○ File descriptor, from 0 to OPEN_MAX ■ sysconf(_SC_OPEN_MAX); ○ fopen is wrappered as open
- 6. Access Control ● Filein UNIX system has UID and GID ○ Read(r) / Write(w) / Execute(x) ○ std.id(s): /usr/bin/passwd ■ Execute as the owner/group. ○ sticky(t): usually used in /tmp ■ Only owner or root can remove. ■ Should run on physical memory only.
- 7. IDs ● ID ○ RUID(real user ID) ○ EUID (effective user ID) ○ SSUID (saved set-user-ID) ● setuid() ○ Need root but cannot su - ○ setuid workable for RUID/SSUID ● Processes instantiated by ○ system / fork / exec ○ Inherit RUID and EUID
- 8. IDs (Cont’d) ● wall ○-rwxr-sr-x 1 root tty /usr/bin/wall ○ crw--w---- 1 root tty /dev/tty1 ● passwd ○ -rwsr-xr-x 1 root root /usr/bin/passwd
- 9. Vulnerabilities ● Run withelevated privileges and access files ○ Chance to exploit you program. ○ OpenSSH: ■ open copyright file with root privileges. ■ copyright=/etc/shadow ● setuid program carry significant risk ○ Do anything the owner of file is allowed ○ If owner is root, everything is possible.
- 10.