Computer Systems Security: Winter 2018 Assignment 1: Difference between revisions
Created page with "'''This assignment is not yet finalized.''' Please answer the following questions. Submit your answers as a text or PDF file via cuLearn by January 31, 2018 (date to be conf..." |
|||
Line 6: | Line 6: | ||
<ol> | <ol> | ||
<li>'''Classic UNIX permissions'''</li> | |||
<ol style="list-style-type:lower-alpha"> | |||
<li>UNIX has users (UIDs) and groups (GIDs). From the kernel's perspective, users and groups are labels applied to what OS-level abstractions?</li> | |||
<li>UNIX file permissions are grouped into three categories, user, group, and other. It it possible for the "other" category to have greater access to a file than the owner of a file? Explain with a brief example.</li> | |||
<li> | |||
<li> | |||
</ol> | |||
<li>'''setuid root binaries''' (4 points)</li> | <li>'''setuid root binaries''' (4 points)</li> | ||
<ol style="list-style-type:lower-alpha"> | <ol style="list-style-type:lower-alpha"> |
Revision as of 19:59, 23 January 2018
This assignment is not yet finalized.
Please answer the following questions. Submit your answers as a text or PDF file via cuLearn by January 31, 2018 (date to be confirmed).
Questions
- Classic UNIX permissions
- UNIX has users (UIDs) and groups (GIDs). From the kernel's perspective, users and groups are labels applied to what OS-level abstractions?
- UNIX file permissions are grouped into three categories, user, group, and other. It it possible for the "other" category to have greater access to a file than the owner of a file? Explain with a brief example.
- setuid root binaries (4 points)
- What are setuid root binaries?
- Why are setuid root binaries important in most UNIX-like systems?
- What is the risk of setuid root binaries? Be specific.
- Briefly describe a potential vulnerability in a setuid root binary and how an attacker could exploit it.