Comment by tptacek 10 days ago

Yes. And: you will run into correctness bugs quickly if you mutate shared references in Go code. It's only my contention that you won't create a security vulnerability, in the colloquial understanding of the term (i.e.: a panic doesn't count).

tsimionescu 9 days ago

You can, though it's much harder than in C or C++ or unsafe Rust for this to be exploitable. A data race on an interface value can give you a corrupted interface value, overwriting the vtable with struct contents. This can happen to lead to arbitrary code execution if you're unlucky enough, though in most cases it would be a SIGSEGV. It's also very hard for an attacker to craft a payload that can be guaranteed to reach this, though with a microservice architecture with automatic restarts of failed services, they might get a lot of tries.
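The torn interface write described in the comment above, next to a race-free form, as an added example that is not code from the thread or from any commenter. The names `Checker`, `A`, `B`, `box` and `run` are hypothetical; both types share one layout so a mismatched read shows up as a failed check rather than a crash.

```go
package main

import (
	"fmt"
	"sync/atomic"
)

// Hypothetical types with identical layout; each method validates its own tag.
type Checker interface{ OK() bool }
type A struct{ tag int }
type B struct{ tag int }
func (a *A) OK() bool { return a.tag == 1 }
func (b *B) OK() bool { return b.tag == 2 }

type box struct{ c Checker } // single concrete type, as atomic.Value requires

// run flips a shared Checker between *A and *B while a reader calls OK().
// It returns how many reads paired one type's method with the other's data.
func run(safe bool, n int) (bad int) {
	vals := [2]Checker{&A{1}, &B{2}}
	plain := vals[0]         // racy path: two-word interface, no synchronization
	var guarded atomic.Value // fixed path: the whole value is swapped atomically
	guarded.Store(box{vals[0]})
	done := make(chan struct{})
	go func() {
		defer close(done)
		for i := 0; i < n; i++ {
			if safe {
				guarded.Store(box{vals[i%2]})
			} else {
				plain = vals[i%2] // type word and data word are separate stores
			}
		}
	}()
	for i := 0; i < n; i++ {
		c := plain
		if safe {
			c = guarded.Load().(box).c
		}
		if !c.OK() { // true only when the read was torn
			bad++
		}
	}
	<-done
	return bad
}

func main() {
	fmt.Println("racy:", run(false, 2000000), "fixed:", run(true, 2000000))
}
```

The racy count varies from run to run and can be zero on a given machine; `go run -race` reports the unsynchronized access either way.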

lll-o-lll 9 days ago

If I can induce a race that corrupts a data structure so that it leaks data back to me that I shouldn’t have access to, does that count?

kaba0 9 days ago

I mean, a very serious security vulnerability is/was row hammering, where an attacker was waiting on flipping a bit they have no access to by continuously flipping neighboring ones. Compared to that, a race condition is "trivial" to exploit.