\documentclass{article}
\usepackage{../style}

\begin{document}

\section*{Homework 4}

\HEADER

\begin{enumerate}
\item nosuid question \url{https://rcoh.me/posts/sudo-science/}

\item What should the architecture of a network application under Unix
  be that processes potentially hostile data?

\item What is a unikernel system and why is a unikernel preferable on a
  web server system (in contrast to a traditional general-purpose
  operating system like Linux)? Hint: What is the idea of a unikernel?

\item What does the principle of least privilege say?

\item How can you exploit the fact that every night root has a cron job
  that deletes the files in \texttt{/tmp}? (Hint: cron-attack)

\item In which of the following situations can the access control
  mechanism of Unix file permissions be used?

  \begin{itemize}
  \item[(a)] Alice wants to have her files readable, except for her
    office mates.
  \item[(b)] Bob and Sam want to share some secret files.
  \item[(c)] Root wants some of her files to be public.
  \end{itemize}

\item Explain what is meant by \emph{Kerckhoffs' principle}.

\item How can a system that separates between \emph{users} and
  \emph{root} be of any help with buffer overflow attacks?

\item What does it mean that the program \texttt{passwd} has the
  \texttt{setuid} bit set? Why is this necessary?

\item Under Unix (for example BSD Unix, MacOSX) the \texttt{login}
  program has the setuid bit set. Why is this needed? In Linux
  \texttt{login} does \emph{not} have the setuid bit set. What are the
  consequences of this choice?

\item The variable \texttt{PATH} is a shell variable in UNIX which lists
  all directories that should be automatically searched for a program.
  For example, if \texttt{PATH} contains the directory \texttt{/usr/bin}
  and the program \texttt{ls} is stored there, then a user does not need
  to type \texttt{/usr/bin/ls} to run this file, but \texttt{ls}
  suffices. Why is it a bad idea in general, but in particular for root,
  to have \texttt{.} as the first entry in one's \texttt{PATH} variable?

\item In the context of which information flow should be protected,
  explain briefly the differences between the \emph{read rule} of the
  Bell-LaPadula access policy and the Biba access policy. Do the same
  for the \emph{write rule}.

\item \POSTSCRIPT
\end{enumerate}

\end{document}

%%% Local Variables:
%%% mode: latex
%%% TeX-master: t
%%% End: