To date, no operating system is able to track the behavior of the any signal* and determine precisely whether it is ordinary or called in order to steal confidential information. This project implements an attack on this vulnerability. Under the signal*, I define any action that has several states. For example:
- an open and closed socket
- a working and a non-working process
- a created and deleted file, a mounted and unmounted partition, and so on.
The purpose of the attack is confidential information
The initiator of the attack is a user who has fairly high rights in the system
The essence of the attack is to quietly lower the file’s access rights by means of signal* transmission.