[go: up one dir, main page]

About: Symlink race

An Entity of Type: Abstraction100002137, from Named Graph: http://dbpedia.org, within Data Space: dbpedia.org

A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program).

Property Value
dbo:abstract
  • Eine Symlink-Schwachstelle (aus engl. symlink bug; auch symlink vulnerability genannt, zu dt. Verwundbarkeit [durch] symbolische Verknüpfungen) ist eine Sicherheitslücke, die es einem Angreifer erlaubt, beliebige Dateien mit den Rechten des ausgeführten Programmes zu schreiben. (de)
  • A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program). It is called a "race" because in its typical manifestation, the program checks to see if a file by that name already exists; if it does not exist, the program then creates the file. An attacker must create the link in the interval between the check and when the file is created. A symlink race can happen with antivirus products that decide they will quarantine or delete a suspicious file, and then go ahead and do that. During the interval between decision and action, malicious software can replace the suspicious file with a system or antivirus file that the malicious software wants overwritten. (en)
  • Symlink race – atak na uprzywilejowaną aplikację nieprawidłowo przeprowadzającą operacje na plikach. (pl)
dbo:wikiPageID
  • 1857208 (xsd:integer)
dbo:wikiPageLength
  • 3317 (xsd:nonNegativeInteger)
dbo:wikiPageRevisionID
  • 1115673478 (xsd:integer)
dbo:wikiPageWikiLink
dbp:wikiPageUsesTemplate
dcterms:subject
rdf:type
rdfs:comment
  • Eine Symlink-Schwachstelle (aus engl. symlink bug; auch symlink vulnerability genannt, zu dt. Verwundbarkeit [durch] symbolische Verknüpfungen) ist eine Sicherheitslücke, die es einem Angreifer erlaubt, beliebige Dateien mit den Rechten des ausgeführten Programmes zu schreiben. (de)
  • Symlink race – atak na uprzywilejowaną aplikację nieprawidłowo przeprowadzającą operacje na plikach. (pl)
  • A symlink race is a kind of software security vulnerability that results from a program creating files in an insecure manner. A malicious user can create a symbolic link to a file not otherwise accessible to them. When the privileged program creates a file of the same name as the symbolic link, it actually creates the linked-to file instead, possibly inserting content desired by the malicious user (see example below), or even provided by the malicious user (as input to the program). (en)
rdfs:label
  • Symlink-Schwachstelle (de)
  • Symlink race (pl)
  • Symlink race (en)
owl:sameAs
prov:wasDerivedFrom
foaf:isPrimaryTopicOf
is dbo:wikiPageRedirects of
is dbo:wikiPageWikiLink of
is foaf:primaryTopic of
Powered by OpenLink Virtuoso    This material is Open Knowledge     W3C Semantic Web Technology     This material is Open Knowledge    Valid XHTML + RDFa
This content was extracted from Wikipedia and is licensed under the Creative Commons Attribution-ShareAlike 3.0 Unported License