diff -r b71ce151aba8 -r fefd78525434 hws/hw03.tex
--- a/hws/hw03.tex	Mon Oct 07 17:25:04 2013 +0100
+++ b/hws/hw03.tex	Mon Oct 07 17:45:12 2013 +0100
@@ -22,12 +22,20 @@
 be that processes potentially hostile data?
 
 \item How can you exploit the fact that every night root has a cron
-job that deletes the files in \texttt{/tmp}?
+job that deletes the files in \texttt{/tmp}? (Hint: cron-attack)
 
 \item What does it mean that the program \texttt{passwd} has the \texttt{setuid}
 bit set? Why is this necessary?
+\item Assume format string attacks allow you to read out the stack. What can you do
+	with this information? (Hint: Consider what is stored in the stack.)
 
-\item What does the Bell --- La Padula model ensure? Similarly, what does the Biba model ensure?
+\item Assume you can crash a program remotely. Why is this a problem?
+
+\item How can the choice of a programming language help with buffer overflow attacks?
+(Hint: Why are C-programs prone to such attacks, but not Java programs.)
+
+\item How can a system that separates between \emph{users} and \emph{root} 
+be of any help with buffer overflow attacks?
 \end{enumerate}
 
 \end{document}