Protection Errors in Operating Systems: Serialization.

摘要

This document describes a class of protection errors found in current computer operating systems. It is intended primarily for persons responsible for improving security aspects of existing operating system software. The term 'protection evaluation' here denotes a search for errors based only on static information about a target operating system, primarily program listings but possibly other system documentation as well. These static methods are intended to complement dynamic methods such as testing, auditing, and penetration attempts. The report deals with a class of errors initially identified empirically. The class formed itself around a group of protection errors (within a larger collection) having the common characteristic of involving operations or accesses occurring in the wrong order or at the wrong times relative to others. In its broadest sense, it includes a large proportion of all programming errors-- those having to do with improper ordering or scheduling of 'operations'; in a narrower sense it includes only those errors resulting from improper ordering of accesses to objects accessible by potentially concurrent operations.