author | Christian Urban <urbanc@in.tum.de> |
Sat, 21 Jan 2017 00:37:20 +0000 | |
changeset 510 | 51267a687b85 |
parent 470 | 6764a249118a |
child 521 | 34775227c84f |
permissions | -rw-r--r-- |
39 | 1 |
\documentclass{article} |
250
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
2 |
\usepackage{../style} |
39 | 3 |
|
4 |
\begin{document} |
|
5 |
||
6 |
\section*{Homework 4} |
|
7 |
||
401
2d6eb340fd98
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
392
diff
changeset
|
8 |
\HEADER |
2d6eb340fd98
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
392
diff
changeset
|
9 |
|
39 | 10 |
\begin{enumerate} |
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
11 |
\item What should the architecture of a network application |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
12 |
under Unix be that processes potentially hostile data? |
392
4dff36e2bbc6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
389
diff
changeset
|
13 |
|
4dff36e2bbc6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
389
diff
changeset
|
14 |
\item What is a unikernel system and why is a unikernel |
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
15 |
preferable on a web server system (in contrast to a |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
16 |
traditional general purpose operating system like |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
17 |
Linux). Hint: What is the idea of a unikernel? |
392
4dff36e2bbc6
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
389
diff
changeset
|
18 |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
19 |
\item What does the principle of least privilege say? |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
20 |
|
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
21 |
\item How can you exploit the fact that every night root has a |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
22 |
cron job that deletes the files in \texttt{/tmp}? (Hint: |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
23 |
cron-attack) |
389
9019f84ef99c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
348
diff
changeset
|
24 |
|
9019f84ef99c
updated hws
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
348
diff
changeset
|
25 |
|
413
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
26 |
\item In which of the following situations can the access |
0f824ca252e4
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
404
diff
changeset
|
27 |
control mechanism of Unix file permissions be used? |
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
28 |
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
29 |
\begin{itemize} |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
30 |
\item[(a)] Alice wants to have her files readable, except for her office mates. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
31 |
\item[(b)] Bob and Sam want to share some secret files. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
32 |
\item[(c)] Root wants some of her files to be public. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
33 |
\end{itemize} |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
34 |
|
117
59d3bf386a6d
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
35 |
\item Explain what is meant by \emph{Kerckhoffs' principle}. |
39 | 36 |
|
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
37 |
\item How can a system that separates between \emph{users} and \emph{root} be of any |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
38 |
help with buffer overflow attacks? |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
39 |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
40 |
\item What does it mean that the program \texttt{passwd} has the |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
41 |
\texttt{setuid} bit set? Why is this necessary? |
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
42 |
|
425
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
43 |
\item Under Unix (for example BSD Unix, MacOSX) the \texttt{login} |
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
44 |
programm has the setuid bit set. Why is this needed? In Linux |
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
45 |
\texttt{login} does \emph{not} have the setuid bit set. What are |
4a0bff167159
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
413
diff
changeset
|
46 |
the consequences of this choice? |
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
47 |
|
250
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
48 |
\item The variable \texttt{PATH} is a shell variable in UNIX which |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
49 |
lists all directories that should be automatically searched for a |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
50 |
program. For example if \texttt{PATH} contains the directory |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
51 |
\texttt{/usr/bin} and the program \texttt{ls} is stored there, then |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
52 |
a user does not need to type \texttt{/usr/bin/ls} to run this file, |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
53 |
but \texttt{ls} suffices. The question is why is it a bad idea in |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
54 |
general, but in particular for root, to have \texttt{.} as the first |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
55 |
entry in ones variable \texttt{PATH}? |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
56 |
|
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
57 |
\item A Unix directory might look as follows: |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
58 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
59 |
\begin{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
60 |
\begin{verbatim} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
61 |
$ ls -ld . * */* |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
62 |
drwxr-xr-x 1 ping staff 32768 Apr 2 2010 . |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
63 |
-rw----r-- 1 ping students 31359 Jul 24 2011 manual.txt |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
64 |
-r--rw--w- 1 bob students 4359 Jul 24 2011 report.txt |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
65 |
-rwsr--r-x 1 bob students 141359 Jun 1 2013 microedit |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
66 |
dr--r-xr-x 1 bob staff 32768 Jul 23 2011 src |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
67 |
-rw-r--r-- 1 bob staff 81359 Feb 28 2012 src/code.c |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
68 |
-r--rw---- 1 emma students 959 Jan 23 2012 src/code.h |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
69 |
\end{verbatim} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
70 |
\end{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
71 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
72 |
with group memberships assigned as follows: |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
73 |
\begin{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
74 |
\begin{tabular}{ll} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
75 |
Members of group staff: & ping, bob, emma\\ |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
76 |
Members of group students: & emma\\ |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
77 |
\end{tabular} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
78 |
\end{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
79 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
80 |
The file microedit is a text editor, which allows its users to open, edit and |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
81 |
save files. Note carefully that microedit has set its setuid flag. |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
82 |
Fill in the access control matrix below that shows for each of the above five files, |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
83 |
whether ping, bob, or emma are able to obtain the right to read (R) or replace (W) its |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
84 |
contents using the editor microedit.\bigskip |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
85 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
86 |
\begin{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
87 |
\begin{tabular}{r|c|c|c|c|c} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
88 |
& manual.txt & report.txt & microedit & src/code.c & src/code.h \\\hline |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
89 |
ping & & & & &\\\hline |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
90 |
bob & & & & &\\\hline |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
91 |
emma & & & & &\\ |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
92 |
\end{tabular} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
93 |
\end{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
94 |
|
247
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
95 |
\item In the context of which information flow should be protected, explain briefly the |
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
96 |
differences between the {\it read rule} of the Bell-LaPadula access |
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
97 |
policy and the Biba access policy. Do the same for the {\it write rule}. |
39 | 98 |
|
470
6764a249118a
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
425
diff
changeset
|
99 |
\item \POSTSCRIPT |
39 | 100 |
\end{enumerate} |
101 |
||
50 | 102 |
|
39 | 103 |
\end{document} |
104 |
||
105 |
%%% Local Variables: |
|
106 |
%%% mode: latex |
|
107 |
%%% TeX-master: t |
|
108 |
%%% End: |