# HG changeset patch # User Christian Urban # Date 1413675711 -3600 # Node ID 51fa0549fc8f34b9ac716f871c22eb2aa21b210c # Parent 95e14b2dbc94e6380268aed9aa34f52d2328eefb updated diff -r 95e14b2dbc94 -r 51fa0549fc8f handouts/ho04.pdf Binary file handouts/ho04.pdf has changed diff -r 95e14b2dbc94 -r 51fa0549fc8f handouts/ho04.tex --- a/handouts/ho04.tex Sat Oct 18 23:07:50 2014 +0100 +++ b/handouts/ho04.tex Sun Oct 19 00:41:51 2014 +0100 @@ -86,17 +86,35 @@ \end{itemize} \noindent This will typically involve quite a lot of -programs on a Unix system. I counted 87 programs with the +programs on a Unix system. I counted 95 programs with the setuid attribute set on my bog-standard MacOSX system (including the program \pcode{/usr/bin/login}). The problem is that if there is a security problem with one of them, then malicious users (or outside attackers) can gain root access. +The main rule for files that have the setuid attribute set is +that when running such files they will run not with the +callers access rights, but with the owner of the files rights. +So \pcode{/usr/bin/login} will always be running with root +access rights, no matter who invokes this program. + \subsubsection*{Secrecy and Integrity} +\subsubsection*{Further Information} + +If you want to know more about the intricacies of the +``simple'' Unix access control system you might find the +relatively readable paper about ``Setuid Demystified'' +useful. + +\begin{center}\small +\url{http://www.cs.umd.edu/~jkatz/TEACHING/comp_sec_F04/downloads/setuid.pdf} +\end{center} + + \end{document} %%% Local Variables: