6 \section*{Homework 4} |
6 \section*{Homework 4} |
7 |
7 |
8 \HEADER |
8 \HEADER |
9 |
9 |
10 \begin{enumerate} |
10 \begin{enumerate} |
11 \item What should the architecture of a network application under Unix |
11 \item What should the architecture of a network application |
12 be that processes potentially hostile data? |
12 under Unix be that processes potentially hostile data? |
13 |
13 |
14 \item What is a unikernel system and why is a unikernel |
14 \item What is a unikernel system and why is a unikernel |
15 preferable on a web server system (in contrast to a traditional |
15 preferable on a web server system (in contrast to a |
16 general purpose operating system like Linux). Hint: What is |
16 traditional general purpose operating system like |
17 the idea of a unikernel. |
17 Linux). Hint: What is the idea of a unikernel? |
18 |
18 |
19 \item What does the principle of least privilege say? |
19 \item What does the principle of least privilege say? |
20 |
20 |
21 \item How can you exploit the fact that every night root has a cron |
21 \item How can you exploit the fact that every night root has a |
22 job that deletes the files in \texttt{/tmp}? (Hint: cron-attack) |
22 cron job that deletes the files in \texttt{/tmp}? (Hint: |
|
23 cron-attack) |
23 |
24 |
24 |
25 |
25 \item In which of the following situations can the access control mechanism of Unix |
26 \item In which of the following situations can the access |
26 file permissions be used? |
27 control mechanism of Unix file permissions be used? |
27 |
28 |
28 \begin{itemize} |
29 \begin{itemize} |
29 \item[(a)] Alice wants to have her files readable, except for her office mates. |
30 \item[(a)] Alice wants to have her files readable, except for her office mates. |
30 \item[(b)] Bob and Sam want to share some secret files. |
31 \item[(b)] Bob and Sam want to share some secret files. |
31 \item[(c)] Root wants some of her files to be public. |
32 \item[(c)] Root wants some of her files to be public. |