equal
deleted
inserted
replaced
20 |
20 |
21 \item What should the architecture of a network application under Unix |
21 \item What should the architecture of a network application under Unix |
22 be that processes potentially hostile data? |
22 be that processes potentially hostile data? |
23 |
23 |
24 \item How can you exploit the fact that every night root has a cron |
24 \item How can you exploit the fact that every night root has a cron |
25 job that deletes the files in \texttt{/tmp}? |
25 job that deletes the files in \texttt{/tmp}? (Hint: cron-attack) |
26 |
26 |
27 \item What does it mean that the program \texttt{passwd} has the \texttt{setuid} |
27 \item What does it mean that the program \texttt{passwd} has the \texttt{setuid} |
28 bit set? Why is this necessary? |
28 bit set? Why is this necessary? |
|
29 \item Assume format string attacks allow you to read out the stack. What can you do |
|
30 with this information? (Hint: Consider what is stored in the stack.) |
29 |
31 |
30 \item What does the Bell --- La Padula model ensure? Similarly, what does the Biba model ensure? |
32 \item Assume you can crash a program remotely. Why is this a problem? |
|
33 |
|
34 \item How can the choice of a programming language help with buffer overflow attacks? |
|
35 (Hint: Why are C-programs prone to such attacks, but not Java programs.) |
|
36 |
|
37 \item How can a system that separates between \emph{users} and \emph{root} |
|
38 be of any help with buffer overflow attacks? |
31 \end{enumerate} |
39 \end{enumerate} |
32 |
40 |
33 \end{document} |
41 \end{document} |
34 |
42 |
35 %%% Local Variables: |
43 %%% Local Variables: |