\documentclass{article}+ −
\usepackage{../style}+ −
+ −
\begin{document}+ −
+ −
\section*{Homework 4}+ −
+ −
\HEADER+ −
+ −
\begin{enumerate}+ −
\item What should the architecture of a network application+ −
under Unix be that processes potentially hostile data?+ −
+ −
\item What is a unikernel system and why is a unikernel+ −
preferable on a web server system (in contrast to a+ −
traditional general purpose operating system like+ −
Linux). Hint: What is the idea of a unikernel?+ −
+ −
\item What does the principle of least privilege say?+ −
+ −
\item How can you exploit the fact that every night root has a+ −
cron job that deletes the files in \texttt{/tmp}? (Hint:+ −
cron-attack)+ −
+ −
+ −
\item In which of the following situations can the access+ −
control mechanism of Unix file permissions be used?+ −
+ −
\begin{itemize}+ −
\item[(a)] Alice wants to have her files readable, except for her office mates.+ −
\item[(b)] Bob and Sam want to share some secret files.+ −
\item[(c)] Root wants some of her files to be public.+ −
\end{itemize}+ −
+ −
\item Explain what is meant by \emph{Kerckhoffs' principle}.+ −
+ −
\item How can a system that separates between \emph{users} and \emph{root} be of any + −
help with buffer overflow attacks?+ −
+ −
\item What does it mean that the program \texttt{passwd} has the+ −
\texttt{setuid} bit set? Why is this necessary?+ −
+ −
\item Under Unix (for example BSD Unix, MacOSX) the \texttt{login} + −
programm has the setuid bit set. Why is this needed? In Linux+ −
\texttt{login} does \emph{not} have the setuid bit set. What are+ −
the consequences of this choice?+ −
+ −
\item The variable \texttt{PATH} is a shell variable in UNIX which+ −
lists all directories that should be automatically searched for a+ −
program. For example if \texttt{PATH} contains the directory+ −
\texttt{/usr/bin} and the program \texttt{ls} is stored there, then+ −
a user does not need to type \texttt{/usr/bin/ls} to run this file,+ −
but \texttt{ls} suffices. The question is why is it a bad idea in+ −
general, but in particular for root, to have \texttt{.} as the first+ −
entry in ones variable \texttt{PATH}?+ −
+ −
\item In the context of which information flow should be protected, explain briefly the + −
differences between the {\it read rule} of the Bell-LaPadula access+ −
policy and the Biba access policy. Do the same for the {\it write rule}.+ −
+ −
\item \POSTSCRIPT+ −
\end{enumerate}+ −
+ −
+ −
\end{document}+ −
+ −
%%% Local Variables: + −
%%% mode: latex+ −
%%% TeX-master: t+ −
%%% End: + −