# HG changeset patch # User Christian Urban # Date 1381229825 -3600 # Node ID 0332f8102121bbdb7f45b4c3681551da3441610c # Parent 0711775cb6b086243fde3721af398d8e42d1b71e added diff -r 0711775cb6b0 -r 0332f8102121 slides/slides02.tex --- a/slides/slides02.tex Tue Oct 08 05:53:21 2013 +0100 +++ b/slides/slides02.tex Tue Oct 08 11:57:05 2013 +0100 @@ -14,7 +14,7 @@ \usetikzlibrary{arrows} \usetikzlibrary{automata} \usetikzlibrary{shapes} -\usetikzlibrary{shadows} +\usetikzlibrary{shadows}Net \usetikzlibrary{positioning} \usetikzlibrary{calc} \usepackage{graphicx} diff -r 0711775cb6b0 -r 0332f8102121 slides/slides03.pdf Binary file slides/slides03.pdf has changed diff -r 0711775cb6b0 -r 0332f8102121 slides/slides03.tex --- a/slides/slides03.tex Tue Oct 08 05:53:21 2013 +0100 +++ b/slides/slides03.tex Tue Oct 08 11:57:05 2013 +0100 @@ -110,6 +110,7 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c] @@ -132,6 +133,102 @@ %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\frametitle{\begin{tabular}{c}Network Applications:\\[-1mm] Privilege Separation\end{tabular}} + + +\begin{center} + \begin{tikzpicture}[scale=1] + + \draw[line width=1mm] (-.3, 0) rectangle (1.5,2); + \draw (4.7,1) node {Internet}; + \draw (-2.7,1.7) node {\footnotesize Application}; + \draw (0.6,1.7) node {\footnotesize Interface}; + \draw (0.6,-0.4) node {\footnotesize \begin{tabular}{c}unprivileged\\[-1mm] process\end{tabular}}; + \draw (-2.7,-0.4) node {\footnotesize \begin{tabular}{c}privileged\\[-1mm] process\end{tabular}}; + + \draw[line width=1mm] (-1.8, 0) rectangle (-3.6,2); + + \draw[white] (1.7,1) node (X) {}; + \draw[white] (3.7,1) node (Y) {}; + \draw[red, <->, line width = 2mm] (X) -- (Y); + + \draw[red, <->, line width = 1mm] (-0.6,1) -- (-1.6,1); + \end{tikzpicture} +\end{center} + +\begin{itemize} +\item the idea is make the attack surface smaller and +mitigate the consequences of an attack +\end{itemize} + + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\frametitle{Access Control in Unix} + +\begin{itemize} +\item access control provided by the OS +\item authenticate principals (login) +\item mediate access to files, ports, processes according to \alert{roles} (user ids)\\ +\item roles get attached with privileges\bigskip\\% +\hspace{8mm} +\begin{tikzpicture} +\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] +{\begin{minipage}{8cm} +\alert{The principle of least privilege:}\\ +programs should only have as much privilege as they need +\end{minipage}}; +\end{tikzpicture} +\end{itemize} + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% +\mode{ +\begin{frame}[c] +\frametitle{\begin{tabular}{@ {}c@ {}}A ``Cron''-Attack\end{tabular}} + +\begin{enumerate} +\item attacker \textcolor{gray}{(creates a fake passwd file)}\\ +\texttt{mkdir /tmp/a; cat > /tmp/a/passwd}\medskip +\item root \textcolor{gray}{(does the daily cleaning)}\\ +\texttt{rm /tmp/*/*}\medskip\\ +\hspace{2cm}\textcolor{gray}{\small records that \texttt{/tmp/a/passwd}}\\ +\hspace{2cm}\textcolor{gray}{\small should be deleted, but does not do it yet}\medskip\\ + +\item attacker \textcolor{gray}{(meanwhile deletes the fake passwd file, and establishes a link to +the real passwd file)}\\ +\texttt{rm /tmp/a/passwd; rmdir /tmp/a;}\\\texttt{ln -s /etc /tmp/a}\\ +\item root now deletes the real passwd file +\end{enumerate} + +\only<2>{ +\begin{textblock}{11}(2,5) +\begin{tikzpicture} +\draw (0,0) node[inner sep=2mm,fill=cream, ultra thick, draw=red, rounded corners=2mm] +{\normalsize\color{darkgray} +\begin{minipage}{9cm}\raggedright +To prevent this kind of attack, you need additional +policies (don't do such operations as root). +\end{minipage}}; +\end{tikzpicture} +\end{textblock}} + +\end{frame}} +%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% + + + %%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%%% \mode{ \begin{frame}[c]