diff -r c75a03ab8ac9 -r 8fe0dc898c73 slides/slides03.tex
--- a/slides/slides03.tex Sat Oct 04 15:55:05 2014 +0100
+++ b/slides/slides03.tex Sun Oct 05 18:20:31 2014 +0100
@@ -37,6 +37,57 @@
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
+\frametitle{\begin{tabular}{c}Network Applications:\\[-1mm] Privilege Separation\end{tabular}}
+
+
+\begin{center}
+ \begin{tikzpicture}[scale=1]
+
+ \draw[line width=1mm] (-.3, 0) rectangle (1.5,2);
+ \draw (4.7,1) node {Internet};
+ \draw (-2.7,1.7) node {\footnotesize Application};
+ \draw (0.6,1.7) node {\footnotesize Interface};
+ \draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}};
+ \draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}};
+
+ \draw[line width=1mm] (-1.8, 0) rectangle (-3.6,2);
+
+ \draw[white] (1.7,1) node (X) {};
+ \draw[white] (3.7,1) node (Y) {};
+ \draw[red, <->, line width = 2mm] (X) -- (Y);
+
+ \draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1);
+ \end{tikzpicture}
+\end{center}
+
+\begin{itemize}
+\item the idea is make the attack surface smaller and mitigate the
+ consequences of an attack
+\item you need an OS that supports different roles (root vs.~users)
+\end{itemize}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Weaknesses of Unix AC}
+
+Not just restricted to Unix:
+
+\begin{itemize}
+\item if you have too many roles (i.e.~too finegrained AC), then
+ hierarchy is too complex\\ \textcolor{gray}{you invite situations
+ like\ldots let's be root}\bigskip
+
+\item you can still abuse the system\ldots
+\end{itemize}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
 \frametitle{A ``Cron''-Attack}
 The idea is to trick a privileged person to do something on your
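Review bot: The Privilege Separation frame draws the channel between the privileged application and the unprivileged interface (the thin red arrow), but neither bullet says that this channel is itself a trust boundary. Separation only limits the consequences of an attack if the privileged process treats requests from the interface as untrusted and offers it a narrow, checked set of operations. I would add a third bullet, e.g. `\item the privileged process must check every request it receives from the interface`. On wording, the first bullet should read `the idea is to make the attack surface smaller`, and `finegrained` on the Weaknesses frame should be `fine-grained`.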
@@ -45,7 +96,7 @@
 \begin{itemize}
 \item root:\\\texttt{rm /tmp/*/*}\bigskip\bigskip\pause
-\footnotesize
+\small
 \begin{minipage}{1.1\textwidth}
 \textcolor{gray}{the shell behind the scenes:}\\
 \textcolor{gray}{\texttt{rm /tmp/dir$_1$/file$_1$ /tmp/dir$_1$/file$_2$ /tmp/dir$_2$/file$_1$ \ldots}}\bigskip\\
@@ -438,7 +489,38 @@
 \end{frame}
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
+\begin{frame}[c]
+\frametitle{Memory}
+\begin{itemize}
+\item each process will get a chunk of memory that is organised as
+follows:
+\end{itemize}
+
+\begin{center}
+ \begin{tikzpicture}[scale=0.8]
+ %\draw[step=1cm] (-3,-3) grid (3,3);
+ \draw[line width=1mm] (-2, -3) rectangle (2,3);
+ \draw[line width=1mm] (-2,1) -- (2,1);
+ \draw[line width=1mm] (-2,-1) -- (2,-1);
+ \draw (0,2) node {\large\tt text};
+ \draw (0,0) node {\large\tt heap};
+ \draw (0,-2) node {\large\tt stack};
+
+ \draw (-2.7,3) node[anchor=north east] {\tt\begin{tabular}{@{}l@{}}lower\\ address\end{tabular}};
+ \draw (-2.7,-3) node[anchor=south east] {\tt\begin{tabular}{@{}l@{}}higher\\ address\end{tabular}};
+ \draw[->, line width=1mm] (-2.5,3) -- (-2.5,-3);
+
+ \draw (2.7,-2) node[anchor=west] {\tt grows};
+ \draw (2.7,-3) node[anchor=south west] {\tt\footnotesize older};
+ \draw (2.7,-1) node[anchor=north west] {\tt\footnotesize newer};
+ \draw[|->, line width=1mm] (2.5,-3) -- (2.5,-1);
+ \end{tikzpicture}
+\end{center}
+
+\end{frame}
+%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%
 \begin{frame}[c]
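Review bot: The picture on the Memory frame fixes one stack direction (the `grows` arrow runs from `higher address` up towards the heap) without saying that this is a platform convention rather than a general rule. It holds for x86 and most common architectures, and the three-box layout also leaves out the data/BSS segments, so a qualifier under the existing bullet would keep readers from over-generalising, e.g. `\item simplified picture: on x86 the stack grows towards lower addresses`. As a style point, `\tt` in the node labels is an obsolete font switch; `\ttfamily` (or `\texttt{...}`) is the current form.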