author | Christian Urban <urbanc@in.tum.de> |
Fri, 01 Jun 2018 15:46:34 +0100 | |
changeset 564 | 3391a4fc3533 |
parent 521 | 34775227c84f |
permissions | -rw-r--r-- |
39 | 1 |
\documentclass{article} |
250
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
2 |
\usepackage{../style} |
39 | 3 |
|
4 |
\begin{document} |
|
5 |
||
6 |
\section*{Homework 4} |
|
7 |
||
401
2d6eb340fd98
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
392
diff
changeset
|
8 |
\HEADER |
2d6eb340fd98
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
392
diff
changeset
|
9 |
|
39 | 10 |
\begin{enumerate} |
564 | 11 |
\item nosuid question \url{https://rcoh.me/posts/sudo-science/} |
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
12 |
\item What should the architecture of a network application |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
13 |
under Unix be that processes potentially hostile data? |
392
4dff36e2bbc6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
389
diff
changeset
|
14 |
|
4dff36e2bbc6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
389
diff
changeset
|
15 |
\item What is a unikernel system and why is a unikernel |
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
16 |
preferable on a web server system (in contrast to a |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
17 |
traditional general purpose operating system like |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
18 |
Linux). Hint: What is the idea of a unikernel? |
392
4dff36e2bbc6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
389
diff
changeset
|
19 |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
20 |
\item What does the principle of least privilege say? |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
21 |
|
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
22 |
\item How can you exploit the fact that every night root has a |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
23 |
cron job that deletes the files in \texttt{/tmp}? (Hint: |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
24 |
cron-attack) |
389
9019f84ef99c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
348
diff
changeset
|
25 |
|
9019f84ef99c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
348
diff
changeset
|
26 |
|
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
27 |
\item In which of the following situations can the access |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
28 |
control mechanism of Unix file permissions be used? |
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
29 |
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
30 |
\begin{itemize} |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
31 |
\item[(a)] Alice wants to have her files readable, except for her office mates. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
32 |
\item[(b)] Bob and Sam want to share some secret files. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
33 |
\item[(c)] Root wants some of her files to be public. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
34 |
\end{itemize} |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
35 |
|
117
59d3bf386a6d
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
36 |
\item Explain what is meant by \emph{Kerckhoffs' principle}. |
39 | 37 |
|
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
38 |
\item How can a system that separates between \emph{users} and \emph{root} be of any |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
39 |
help with buffer overflow attacks? |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
40 |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
41 |
\item What does it mean that the program \texttt{passwd} has the |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
42 |
\texttt{setuid} bit set? Why is this necessary? |
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
43 |
|
425
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
44 |
\item Under Unix (for example BSD Unix, MacOSX) the \texttt{login} |
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
45 |
programm has the setuid bit set. Why is this needed? In Linux |
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
46 |
\texttt{login} does \emph{not} have the setuid bit set. What are |
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
47 |
the consequences of this choice? |
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
48 |
|
250
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
49 |
\item The variable \texttt{PATH} is a shell variable in UNIX which |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
50 |
lists all directories that should be automatically searched for a |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
51 |
program. For example if \texttt{PATH} contains the directory |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
52 |
\texttt{/usr/bin} and the program \texttt{ls} is stored there, then |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
53 |
a user does not need to type \texttt{/usr/bin/ls} to run this file, |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
54 |
but \texttt{ls} suffices. The question is why is it a bad idea in |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
55 |
general, but in particular for root, to have \texttt{.} as the first |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
56 |
entry in ones variable \texttt{PATH}? |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
57 |
|
247
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
58 |
\item In the context of which information flow should be protected, explain briefly the |
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
59 |
differences between the {\it read rule} of the Bell-LaPadula access |
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
60 |
policy and the Biba access policy. Do the same for the {\it write rule}. |
39 | 61 |
|
470
6764a249118a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
425
diff
changeset
|
62 |
\item \POSTSCRIPT |
39 | 63 |
\end{enumerate} |
64 |
||
50 | 65 |
|
39 | 66 |
\end{document} |
67 |
||
68 |
%%% Local Variables: |
|
69 |
%%% mode: latex |
|
70 |
%%% TeX-master: t |
|
71 |
%%% End: |