hws/hw03.tex
author Christian Urban <christian dot urban at kcl dot ac dot uk>
Sat, 30 Nov 2013 13:52:21 +0000
changeset 144 fdd0c7fa1b65
parent 110 fefd78525434
child 239 0db764174afb
permissions -rw-r--r--
updated

\documentclass{article}
\usepackage{charter}
\usepackage{hyperref}

\begin{document}

\section*{Homework 3}

\begin{enumerate}
\item What does the principle of least privilege say?

\item In which of the following situations can the access control mechanism of Unix
file permissions be used?

\begin{itemize}
\item[(a)] Alice wants her files to be readable by everyone except her office mates.
\item[(b)] Bob and Sam want to share some secret files.
\item[(c)] Root wants some of her files to be public.
\end{itemize}

\item What should be the architecture of a network application under Unix
that processes potentially hostile data?

\item How can you exploit the fact that every night root has a cron
job that deletes the files in \texttt{/tmp}? (Hint: cron-attack)

\item What does it mean that the program \texttt{passwd} has the \texttt{setuid}
bit set? Why is this necessary?

\item Assume format string attacks allow you to read out the stack. What can you do
with this information? (Hint: Consider what is stored on the stack.)

\item Assume you can crash a program remotely. Why is this a problem?

\item How can the choice of a programming language help against buffer overflow attacks?
(Hint: Why are C programs prone to such attacks, but not Java programs?)

%\item How can a system that separates between \emph{users} and \emph{root} 
%be of any help with buffer overflow attacks?
\end{enumerate}

\end{document}

%%% Local Variables: 
%%% mode: latex
%%% TeX-master: t
%%% End: