\documentclass{article}\usepackage{charter}\usepackage{hyperref}\begin{document}\section*{Homework 3}\begin{enumerate}\item What does the principle of least privilege say?\item In which of the following situations can the access control mechanism of Unixfile permissions be used?\begin{itemize}\item[(a)] Alice wants to have her files readable, except for her office mates.\item[(b)] Bob and Sam want to share some secret files.\item[(c)] Root wants some of her files to be public.\end{itemize}\item What should the architecture of a network application under Unix be that processes potentially hostile data?\item How can you exploit the fact that every night root has a cronjob that deletes the files in \texttt{/tmp}? (Hint: cron-attack)\item What does it mean that the program \texttt{passwd} has the \texttt{setuid}bit set? Why is this necessary?\item Assume format string attacks allow you to read out the stack. What can you do with this information? (Hint: Consider what is stored in the stack.)\item Assume you can crash a program remotely. Why is this a problem?\item How can the choice of a programming language help with buffer overflow attacks?(Hint: Why are C-programs prone to such attacks, but not Java programs.)\item How can a system that separates between \emph{users} and \emph{root} be of any help with buffer overflow attacks?\end{enumerate}\end{document}%%% Local Variables: %%% mode: latex%%% TeX-master: t%%% End: