# HG changeset patch
# User Christian Urban
# Date 1506191541 -3600
# Node ID 34775227c84fef825066ca0dae4e205e4dc51040
# Parent bd25d9f9d9dc6d519acfd3026e45a528a61cb5ec
updated
diff -r bd25d9f9d9dc -r 34775227c84f coursework/cw01.pdf
Binary file coursework/cw01.pdf has changed
diff -r bd25d9f9d9dc -r 34775227c84f coursework/cw01.tex
--- a/coursework/cw01.tex Sat Sep 23 14:19:09 2017 +0100
+++ b/coursework/cw01.tex Sat Sep 23 19:32:21 2017 +0100
@@ -29,6 +29,43 @@ \subsection*{Task} +A Unix directory might look as follows: + +\begin{center} +\begin{verbatim} +$ ls -ld . * */* +drwxr-xr-x 1 ping staff 32768 Apr 2 2010 . +-rw----r-- 1 ping students 31359 Jul 24 2011 manual.txt +-r--rw--w- 1 bob students 4359 Jul 24 2011 report.txt +-rwsr--r-x 1 bob students 141359 Jun 1 2013 microedit +dr--r-xr-x 1 bob staff 32768 Jul 23 2011 src +-rw-r--r-- 1 bob staff 81359 Feb 28 2012 src/code.c +-r--rw---- 1 emma students 959 Jan 23 2012 src/code.h +\end{verbatim} +\end{center} + +with group memberships assigned as follows: +\begin{center} +\begin{tabular}{ll} +Members of group staff: & ping, bob, emma\\ +Members of group students: & emma\\ +\end{tabular} +\end{center} + +The file microedit is a text editor, which allows its users to open, edit and +save files. Note carefully that microedit has set its setuid flag. +Fill in the access control matrix below that shows for each of the above five files, +whether ping, bob, or emma are able to obtain the right to read (R) or replace (W) its +contents using the editor microedit.\bigskip + +\begin{center} +\begin{tabular}{r|c|c|c|c|c} + & manual.txt & report.txt & microedit & src/code.c & src/code.h \\\hline +ping & & & & &\\\hline +bob & & & & &\\\hline +emma & & & & &\\ +\end{tabular} +\end{center} \end{document} diff -r bd25d9f9d9dc -r 34775227c84f hws/hw01.pdf Binary file hws/hw01.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw02.pdf Binary file hws/hw02.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw03.pdf Binary file hws/hw03.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw03.tex --- a/hws/hw03.tex Sat Sep 23 14:19:09 2017 +0100 +++ b/hws/hw03.tex Sat Sep 23 19:32:21 2017 +0100 
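Review bot: The task text does not say whether directory permissions count, yet the expected entries for `src/code.c` and `src/code.h` depend on the `src` line of the listing (`dr--r-xr-x`, owner bob) as much as on the file modes. If that is the intended trap it can stay implicit, but markers will otherwise see two defensible answer sets; a sentence such as `Take the permissions of the directories into account.` after "using the editor microedit" would settle it. "microedit has set its setuid flag" also reads more naturally as `microedit has its setuid flag set`. The `center` environment around `verbatim` has no centring effect, because verbatim resets the paragraph margins, so that wrapper only adds vertical space.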
@@ -44,6 +44,9 @@ (starting a shell), what is the purpose of padding the string at the beginning with NOP-instructions. +\item In the context of buffer-overflow attacks, explain briefly +what is meant by a \emph{NOP-sledge}. + \item \POSTSCRIPT \end{enumerate} diff -r bd25d9f9d9dc -r 34775227c84f hws/hw04.pdf Binary file hws/hw04.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw04.tex --- a/hws/hw04.tex Sat Sep 23 14:19:09 2017 +0100 +++ b/hws/hw04.tex Sat Sep 23 19:32:21 2017 +0100 
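Review bot: The added item largely repeats the question directly above it, whose visible tail already asks for the purpose of padding the string with NOP-instructions, so students would give the same answer twice on one sheet. Either merge the two or give the new item a distinct angle, for example asking which mitigations make such padding ineffective. The usual term is "NOP sled" (also "NOP slide"), so `what is meant by a \emph{NOP sled}.` would match what students find in the literature. The preceding item starts outside the hunk, so the overlap is judged from its last two lines only.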
@@ -54,44 +54,6 @@ general, but in particular for root, to have \texttt{.} as the first entry in ones variable \texttt{PATH}? -\item A Unix directory might look as follows: - -\begin{center} -\begin{verbatim} -$ ls -ld . * */* -drwxr-xr-x 1 ping staff 32768 Apr 2 2010 . --rw----r-- 1 ping students 31359 Jul 24 2011 manual.txt --r--rw--w- 1 bob students 4359 Jul 24 2011 report.txt --rwsr--r-x 1 bob students 141359 Jun 1 2013 microedit -dr--r-xr-x 1 bob staff 32768 Jul 23 2011 src --rw-r--r-- 1 bob staff 81359 Feb 28 2012 src/code.c --r--rw---- 1 emma students 959 Jan 23 2012 src/code.h -\end{verbatim} -\end{center} - -with group memberships assigned as follows: -\begin{center} -\begin{tabular}{ll} -Members of group staff: & ping, bob, emma\\ -Members of group students: & emma\\ -\end{tabular} -\end{center} - -The file microedit is a text editor, which allows its users to open, edit and -save files. Note carefully that microedit has set its setuid flag. -Fill in the access control matrix below that shows for each of the above five files, -whether ping, bob, or emma are able to obtain the right to read (R) or replace (W) its -contents using the editor microedit.\bigskip - -\begin{center} -\begin{tabular}{r|c|c|c|c|c} - & manual.txt & report.txt & microedit & src/code.c & src/code.h \\\hline -ping & & & & &\\\hline -bob & & & & &\\\hline -emma & & & & &\\ -\end{tabular} -\end{center} - \item In the context of which information flow should be protected, explain briefly the differences between the {\it read rule} of the Bell-LaPadula access policy and the Biba access policy. Do the same for the {\it write rule}. diff -r bd25d9f9d9dc -r 34775227c84f hws/hw05.pdf Binary file hws/hw05.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw05.tex --- a/hws/hw05.tex Sat Sep 23 14:19:09 2017 +0100 +++ b/hws/hw05.tex Sat Sep 23 19:32:21 2017 +0100 
@@ -79,6 +79,20 @@ achieve that the transponder $T$ authenticates itself to the car $C$? Does the car authenticate itself to the transponder? +\item What are the main disadvantages of the following + protocol that establishes a mutual key between two + parties $A$ and $B$ with the help of a mutually trusted + third party $S$: + +\begin{center} +\begin{tabular}{l@{\hspace{2mm}}l} +$A \to S :$ & $A, B$\\ +$S \to A :$ & $\{K_{AB}\}_{K_{AS}}$ and $\{\{K_{AB}\}_{K_{BS}} \}_{K_{AS}}$\\ +$A \to B :$ & $\{K_{AB}\}_{K_{BS}}$\\ +$A \to B :$ & $\{m\}_{K_{AB}}$\\ +\end{tabular} +\end{center} + \item \POSTSCRIPT \end{enumerate} diff -r bd25d9f9d9dc -r 34775227c84f hws/hw06.pdf Binary file hws/hw06.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw07.pdf Binary file hws/hw07.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw08.pdf Binary file hws/hw08.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw10.pdf Binary file hws/hw10.pdf has changed diff -r bd25d9f9d9dc -r 34775227c84f hws/hw10.tex --- a/hws/hw10.tex Sat Sep 23 14:19:09 2017 +0100 +++ b/hws/hw10.tex Sat Sep 23 19:32:21 2017 +0100 @@ -6,22 +6,9 @@ \section*{Homework 10} \begin{enumerate} -\item What are the main disadvantages of the following - protocol that establishes a mutual key between two - parties $A$ and $B$ with the help of a mutually trusted - third party $S$: + -\begin{center} -\begin{tabular}{l@{\hspace{2mm}}l} -$A \to S :$ & $A, B$\\ -$S \to A :$ & $\{K_{AB}\}_{K_{AS}}$ and $\{\{K_{AB}\}_{K_{BS}} \}_{K_{AS}}$\\ -$A \to B :$ & $\{K_{AB}\}_{K_{BS}}$\\ -$A \to B :$ & $\{m\}_{K_{AB}}$\\ -\end{tabular} -\end{center} -\item In the context of buffer-overflow attacks, explain briefly -what is meant by a \emph{NOP-sledge}. \end{enumerate} \end{document} diff -r bd25d9f9d9dc -r 34775227c84f style.sty --- a/style.sty Sat Sep 23 14:19:09 2017 +0100 +++ b/style.sty Sat Sep 23 19:32:21 2017 +0100 
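Review bot: In the hws/hw05.tex hunk, "establishes a mutual key" is not the usual term; `protocol that establishes a shared key between two` says what is meant and matches the $K_{AB}$ notation in the table. The question also relies on the $\{\cdot\}_{K}$ encryption notation and on an attacker model that are not stated in the visible lines; if the earlier items of this sheet do not introduce them, one sentence before the table would make "main disadvantages" answerable without guessing. For the message labels, `$A \to S\colon$` gives the correct spacing around the colon.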
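Review bot: After the hws/hw10.tex hunk, `\begin{enumerate}` and `\end{enumerate}` have no `\item` between them, which LaTeX reports as "Something's wrong--perhaps a missing \item". Both questions were moved out and the only added line is a blank one, so the sheet now has a heading and an empty list. Either drop hw10 from the build or keep a placeholder such as `\item \POSTSCRIPT`, as hw03.tex and hw05.tex do, assuming hw10.tex loads the same style.sty.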
@@ -43,7 +43,7 @@ \newcommand{\HEADER}{{\bf Please submit your solutions to the email address 7ccsmsen at gmail dot com. Please submit only one homework per email. Please also submit only -ASCII text or PDFs. Every solution should be preceded by the +ASCII text or PDFs (no .docs etc). Every solution should be preceded by the corresponding question, like: \begin{center} @@ -56,7 +56,7 @@ \end{center} \noindent Solutions will only be accepted until -20th December!}\bigskip} +20th December! Submit with your partner a \underline{single} solution!}\bigskip} \newcommand{\POSTSCRIPT}{ {\bf (Optional)} This question is for you to provide
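Review bot: In the added line of the first style.sty hunk, "(no .docs etc)" lacks the period after "etc" and ".docs" presumably means Word files; `ASCII text or PDFs (no .doc files etc.). Every solution should be preceded by the` is clearer. In the second hunk, `\underline{single}` sits inside the `{\bf ...}` group of `\HEADER`; `\emph{single}` is the semantic form and still stands out within bold text. The deadline "20th December" remains hard-coded inside the macro body, so a `\newcommand*{\DEADLINE}{20th December}` next to `\HEADER` would keep the per-term value in one obvious place. `\HEADER` spans both hunks and its middle lines are outside them.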