Question

The key to preventing race conditions is to protect resources during execution by using a method of synchronization , or mechanisms that ensure threads using the same resources don’t execute simultaneously.

避免竞态条件的关键是通过使用同步方法或机制来保护执行期间的资源，确保使用相同资源的线程不会同时执行。

Resource locks are one of these mechanisms. They block other threads from operating on the same resource by locking a resource. In the bank transfer example, thread 1 could lock the balance of accounts A and B before modifying them so that thread 2 would have to wait for it to finish before accessing the resources.

资源锁定是其中的一种机制。通过锁定资源，它们阻止其他线程在同一资源上操作。在银行转账示例中，线程 1 可以锁定帐户 A 和 B 的余额，然后再修改它们，这样线程 2 就必须等待它完成后才能访问资源。

Most programming languages that have concurrency abilities also have some sort of synchronization functionality built in. You have to be aware of the concurrency issues in your applications and apply synchronization measures accordingly. Beyond synchronization, following secure coding practices, like the principle of least privilege, can prevent race conditions from turning into more severe security issues.

大多数具有并发能力的编程语言也内置了某种形式的同步功能。您必须了解应用程序中的并发问题，并相应地应用同步措施。除同步外，遵循安全编码实践，如最小特权原则，可以防止竞争条件转化为更严重的安全问题。

The principle of least privilege means that applications and processes should be granted only the privileges they need to complete their tasks. For example, when an application requires only read access to a file, it should not be granted any write or execute permissions. You should grant applications precisely the permissions that they need instead. This lowers the risks of complete system compromise during an attack.

“最小权限原则”意味着应该只授予应用程序和进程完成其任务所需的最低权限。例如，当一个应用程序只需要读取文件时，就不应该授予它任何写入或执行的权限。你应该精确地授予应用程序所需的权限，减少攻击时完整系统被攻破的风险。”