Computer Systems Security: Winter 2018 Assignment 1

From Soma-notes
Revision as of 03:21, 5 February 2018 by Soma (talk | contribs) (→‎Solutions)

Please answer the following questions. There are 13 questions with 20 points. Submit your answers as a text or PDF file via cuLearn by January 31, 2018 at 11:55 PM. Be sure to put your name and student number at the beginning of your submission.

When answering each question, please indicate the sources of your answer. This could be a man page, your own experiments, discussion with a friend, or a website. Please list all your sources. You are allowed to collaborate; such collaboration should be clearly documented! If you already know an answer because of background knowledge you had before the class, that is fine, just state that this is the case.

Questions

  1. [1] UNIX has users (UIDs) and groups (GIDs). From the kernel's perspective, users and groups are labels applied to what kernel-level abstractions?
  2. [2] UNIX file permissions are grouped into three categories, user, group, and other. Is it possible for the "other" category to have greater access to a file than the owner of a file? Explain with a brief example.
  3. [2] What is the difference between read and execute permission on a directory? How can you verify this is the case?
  4. [2] What is the "sticky bit"? What "attack" does the sticky bit prevent?
  5. [1] What are setuid root binaries?
  6. [1] Why are setuid root binaries important in most UNIX-like systems?
  7. [1] What is the risk of setuid root binaries? Be specific.
  8. [2] Briefly describe a potential vulnerability in a setuid root binary and how an attacker could exploit it.
  9. [1] TCP wrappers and host-based firewalls defend against similar threats. What type of threats do they protect against?
  10. [1] What is the key technical difference between how TCP wrappers and host-based firewalls work?
  11. [2] How does the behavior of your system change when you connect to a VPN? How can you verify that a VPN is working as it should?
  12. [2] How does a VPN improve the security of an organization? What is the fundamental limitation of a defense strategy organized around VPNs?
  13. [2] What VPN software does Carleton use? What is a specific (functional) benefit you can get when you use the Carleton VPN?

Solutions

  1. processes and files
  2. Yes, it is possible. For example, if we set the permissions of foo.txt to 066, then everyone except for the file owner will be able to read and write the file. (Of course, the owner can change these permissions at any time.)
  3. Read permission lets you list the files in a directory. Execute permission lets you open or execute a file named in the directory. You can verify this by setting only read or execute permissions with the chmod command (e.g., chmod a-r to remove read permissions, chmod a-x to remove execute permissions) and then seeing what access you have.
  4. Normally anyone who can write to a directory can also remove any file in the directory (as write privileges implies unlink privileges). If the sticky bit is set on such a directory with the command "chmod +t", however, users can only unlink their own files. Thus the sticky bit is normally set on system temporary file directories (e.g., /tmp, /var/tmp) and other world-writable directories.
  5. Setuid binaries have the setuid bit set (chmod u+s). This bit instructs the kernel to change the effective uid of the process after an execve to the owner of the exec'd binary. Setuid root binaries are binaries that are owned by root with the setuid bit set; thus, when they are run, they run with full root privileges.