Fixing races for fun and profit: How to abuse atime

Nikita Borisov, Rob Johnson, Naveen Sastry, David Wagner

Research output: Contribution to conference › Paper


Dean and Hu proposed a probabilistic countermeasure to the classic access(2)/open(2) TOCTTOU race condition in privileged Unix programs [4]. In this paper, we describe an attack that succeeds with very high probability against their countermeasure. We then consider a stronger randomized variant of their defense and show that it, too, is broken. We conclude that access(2) must never be used in privileged Unix programs. The tools we develop can be used to attack other filesystem races, underscoring the importance of avoiding such races in secure software.

Original language: English (US)
Number of pages: 12
State: Published - Jan 1 2005
Externally published: Yes
Event: 14th USENIX Security Symposium - Baltimore, United States
Duration: Jul 31 2005 to Aug 5 2005


Conference: 14th USENIX Security Symposium
Country: United States

ASJC Scopus subject areas

  • Computer Networks and Communications
  • Information Systems
  • Safety, Risk, Reliability and Quality


  • Cite this

    Borisov, N., Johnson, R., Sastry, N., & Wagner, D. (2005). Fixing races for fun and profit: How to abuse atime. 303-314. Paper presented at 14th USENIX Security Symposium, Baltimore, United States.