--- a/slides/slides03.tex	Sat Oct 04 15:55:05 2014 +0100
+++ b/slides/slides03.tex	Sun Oct 05 18:20:31 2014 +0100
@@ -37,6 +37,57 @@
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
+\frametitle{\begin{tabular}{c}Network Applications:\\[-1mm] Privilege Separation\end{tabular}}
+
+
+\begin{center}
+  \begin{tikzpicture}[scale=1]
+  
+  \draw[line width=1mm] (-.3, 0) rectangle (1.5,2);
+  \draw (4.7,1) node {Internet};
+  \draw (-2.7,1.7) node {\footnotesize Application};
+  \draw (0.6,1.7) node {\footnotesize Interface};
+  \draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}};
+  \draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}};
+  
+  \draw[line width=1mm] (-1.8, 0) rectangle (-3.6,2);
+
+  \draw[white] (1.7,1) node (X) {};
+  \draw[white] (3.7,1) node (Y) {};
+  \draw[red, <->, line width = 2mm] (X) -- (Y);
+ 
+  \draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1);
+  \end{tikzpicture}
+\end{center}
+
+\begin{itemize}
+\item the idea is make the attack surface smaller and mitigate the
+  consequences of an attack
+\item you need an OS that supports different roles (root vs.~users)
+\end{itemize}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%     
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Weaknesses of Unix AC}
+
+Not just restricted to Unix:
+
+\begin{itemize}
+\item if you have too many roles (i.e.~too finegrained AC), then
+  hierarchy is too complex\\ \textcolor{gray}{you invite situations
+    like\ldots let's be root}\bigskip
+
+\item you can still abuse the system\ldots
+\end{itemize}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
 \frametitle{A ``Cron''-Attack}
 
 The idea is to trick a privileged person to do something on your
@@ -45,7 +96,7 @@
 \begin{itemize}
 \item root:\\\texttt{rm /tmp/*/*}\bigskip\bigskip\pause
 
-\footnotesize
+\small
 \begin{minipage}{1.1\textwidth}
 \textcolor{gray}{the shell behind the scenes:}\\
 \textcolor{gray}{\texttt{rm /tmp/dir$_1$/file$_1$ /tmp/dir$_1$/file$_2$ /tmp/dir$_2$/file$_1$ \ldots}}\bigskip\\
@@ -438,7 +489,38 @@
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Memory}
 
+\begin{itemize}
+\item each process will get a chunk of memory that is organised as
+follows:
+\end{itemize}
+
+\begin{center}
+  \begin{tikzpicture}[scale=0.8]
+  %\draw[step=1cm] (-3,-3) grid (3,3);
+  \draw[line width=1mm] (-2, -3) rectangle (2,3);
+  \draw[line width=1mm] (-2,1) -- (2,1);
+  \draw[line width=1mm] (-2,-1) -- (2,-1);
+  \draw (0,2) node {\large\tt text};
+  \draw (0,0) node {\large\tt heap};
+  \draw (0,-2) node {\large\tt stack};
+
+  \draw (-2.7,3) node[anchor=north east] {\tt\begin{tabular}{@{}l@{}}lower\\ address\end{tabular}};
+  \draw (-2.7,-3) node[anchor=south east] {\tt\begin{tabular}{@{}l@{}}higher\\ address\end{tabular}};
+  \draw[->, line width=1mm] (-2.5,3) -- (-2.5,-3);
+
+  \draw (2.7,-2) node[anchor=west] {\tt grows};
+  \draw (2.7,-3) node[anchor=south west] {\tt\footnotesize older};
+  \draw (2.7,-1) node[anchor=north west] {\tt\footnotesize newer};
+  \draw[|->, line width=1mm] (2.5,-3) -- (2.5,-1);
+  \end{tikzpicture}
+\end{center}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%   
 
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]