\documentclass{article}

\usepackage{charter}

\usepackage{hyperref}

\begin{document}

\section*{Homework 3}

\begin{enumerate}

\item What does the principle of least privilege say?

\item In which of the following situations can the access control mechanism of Unix

file permissions be used?

\begin{itemize}

\item[(a)] Alice wants to have her files readable, except for her office mates.

\item[(b)] Bob and Sam want to share some secret files.

\item[(c)] Root wants some of her files to be public.

\end{itemize}

\item What should the architecture of a network application under Unix 

be that processes potentially hostile data?

\item How can you exploit the fact that every night root has a cron

job that deletes the files in \texttt{/tmp}? (Hint: cron-attack)

\item What does it mean that the program \texttt{passwd} has the \texttt{setuid}

bit set? Why is this necessary?

\item Assume format string attacks allow you to read out the stack. What can you do

	with this information? (Hint: Consider what is stored in the stack.)

\item Assume you can crash a program remotely. Why is this a problem?

\item How can the choice of a programming language help with buffer overflow attacks?

(Hint: Why are C-programs prone to such attacks, but not Java programs.)

%\item How can a system that separates between \emph{users} and \emph{root} 

%be of any help with buffer overflow attacks?

\end{enumerate}

\end{document}

%%% Local Variables: 

%%% mode: latex

%%% TeX-master: t

%%% End: