author | Christian Urban <christian dot urban at kcl dot ac dot uk> |
Tue, 21 Oct 2014 12:37:18 +0100 | |
changeset 255 | 9cf486aea756 |
parent 250 | bf4538649619 |
child 348 | b322a245589c |
permissions | -rw-r--r-- |
39 | 1 |
\documentclass{article} |
250
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
2 |
\usepackage{../style} |
39 | 3 |
|
4 |
\begin{document} |
|
5 |
||
6 |
\section*{Homework 4} |
|
7 |
||
8 |
\begin{enumerate} |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
9 |
\item What does the principle of least privilege say? |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
10 |
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
11 |
\item In which of the following situations can the access control mechanism of Unix |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
12 |
file permissions be used? |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
13 |
|
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
14 |
\begin{itemize} |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
15 |
\item[(a)] Alice wants to have her files readable, except for her office mates. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
16 |
\item[(b)] Bob and Sam want to share some secret files. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
17 |
\item[(c)] Root wants some of her files to be public. |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
18 |
\end{itemize} |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
19 |
|
117
59d3bf386a6d
added
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
97
diff
changeset
|
20 |
\item Explain what is meant by \emph{Kerckhoffs' principle}. |
39 | 21 |
|
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
22 |
\item How can a system that separates between \emph{users} and \emph{root} be of any |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
23 |
help with buffer overflow attacks? |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
24 |
|
239
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
25 |
\item What does it mean that the program \texttt{passwd} has the |
0db764174afb
updated home works
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
122
diff
changeset
|
26 |
\texttt{setuid} bit set? Why is this necessary? |
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
27 |
|
247
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
28 |
\item With which permissions does the program \texttt{login} |
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
29 |
normally have and why is this needed? |
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
30 |
|
250
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
31 |
\item The variable \texttt{PATH} is a shell variable in UNIX which |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
32 |
lists all directories that should be automatically searched for a |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
33 |
program. For example if \texttt{PATH} contains the directory |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
34 |
\texttt{/usr/bin} and the program \texttt{ls} is stored there, then |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
35 |
a user does not need to type \texttt{/usr/bin/ls} to run this file, |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
36 |
but \texttt{ls} suffices. The question is why is it a bad idea in |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
37 |
general, but in particular for root, to have \texttt{.} as the first |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
38 |
entry in ones variable \texttt{PATH}? |
bf4538649619
updated hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
247
diff
changeset
|
39 |
|
122
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
40 |
\item A Unix directory might look as follows: |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
41 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
42 |
\begin{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
43 |
\begin{verbatim} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
44 |
$ ls -ld . * */* |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
45 |
drwxr-xr-x 1 ping staff 32768 Apr 2 2010 . |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
46 |
-rw----r-- 1 ping students 31359 Jul 24 2011 manual.txt |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
47 |
-r--rw--w- 1 bob students 4359 Jul 24 2011 report.txt |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
48 |
-rwsr--r-x 1 bob students 141359 Jun 1 2013 microedit |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
49 |
dr--r-xr-x 1 bob staff 32768 Jul 23 2011 src |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
50 |
-rw-r--r-- 1 bob staff 81359 Feb 28 2012 src/code.c |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
51 |
-r--rw---- 1 emma students 959 Jan 23 2012 src/code.h |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
52 |
\end{verbatim} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
53 |
\end{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
54 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
55 |
with group memberships assigned as follows: |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
56 |
\begin{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
57 |
\begin{tabular}{ll} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
58 |
Members of group staff: & ping, bob, emma\\ |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
59 |
Members of group students: & emma\\ |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
60 |
\end{tabular} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
61 |
\end{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
62 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
63 |
The file microedit is a text editor, which allows its users to open, edit and |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
64 |
save files. Note carefully that microedit has set its setuid flag. |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
65 |
Fill in the access control matrix below that shows for each of the above five files, |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
66 |
whether ping, bob, or emma are able to obtain the right to read (R) or replace (W) its |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
67 |
contents using the editor microedit.\bigskip |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
68 |
|
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
69 |
\begin{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
70 |
\begin{tabular}{r|c|c|c|c|c} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
71 |
& manual.txt & report.txt & microedit & src/code.c & src/code.h \\\hline |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
72 |
ping & & & & &\\\hline |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
73 |
bob & & & & &\\\hline |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
74 |
emma & & & & &\\ |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
75 |
\end{tabular} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
76 |
\end{center} |
f0e51ffd2965
added hw
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
117
diff
changeset
|
77 |
|
247
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
78 |
\item In the context of which information flow should be protected, explain briefly the |
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
79 |
differences between the {\it read rule} of the Bell-LaPadula access |
95e14b2dbc94
updated
Christian Urban <christian dot urban at kcl dot ac dot uk>
parents:
239
diff
changeset
|
80 |
policy and the Biba access policy. Do the same for the {\it write rule}. |
39 | 81 |
|
82 |
\end{enumerate} |
|
83 |
||
50 | 84 |
|
39 | 85 |
\end{document} |
86 |
||
87 |
%%% Local Variables: |
|
88 |
%%% mode: latex |
|
89 |
%%% TeX-master: t |
|
90 |
%%% End: |