Operating Systems 2017F Lecture 22: Difference between revisions

From Soma-notes

Revision as of 16:17, 7 December 2017

Video

Lecture 22 Video

Notes

In Class

Lecture 22
----------

What's left?

* scheduling
* device drivers
* virtual memory
  - page replacement algorithms
    - predict the future (optimal)
    - least recently used
    - one-handed, two-handed clocks
* power management
* security
  - hardening processes so coding errors don't lead to vulnerabilities
    (machine code injection, e.g. buffer overflow attacks)

* virtualization
  - hardware-level  (run multiple kernels)  <-- vmware, openstack
  - OS-level        (run multiple userspaces) <-- containers, web hosting
  - application level (run programs on simulated machines)
     - JVM
     - JavaScript runtime in browsers/node
 
* distributed operating systems



ADDITIONAL NOTES:

Comp 3000

Permissions on this directory: readable, writable and executable.

* Execute permission on a regular file: you can execute it.
* Execute permission on a directory: you can follow the links in the directory.
* You can't make any changes to the directory if you can't write to it.

There are exceptions:

* less /etc/passwd: it doesn't actually store the password.
* If you want to change this file, there must be a way to allow limited editing of it.
  - You can have a process running as root, send it signals, and tell it to update the entry in the password file.
  - Starting up a process which has more privileges is something I can do, e.g. EUID.
* ls -la /sbin | grep rws: on execve, the EUID will be set to whatever it is from the file, equal to the uid.
* ls -la /sbin | grep r-s: the s is a sticky bit, for when you need extra permissions.
* You want your sticky bit to be a regular user.
* EUID = UID: yes.
* cd /tmp: a directory in which everyone can write.
* This allows binaries to run as users.

Set uid and get guid:

* myid has an EUID now.
* Change the ownership:
  - chown root:root myid
  - chown root:root mytouch
* ls -la: the 3rd column identifies the ownership of each file on the file system.
* You can overwrite any file on the file system using the mytouch binary.
* Question: why can you remove a file owned by root?
  - To change the contents of the directory, the permissions of the file don't matter; only the permissions and privileges of the directory matter.
  - A directory that someone puts in your directory is hard to remove.

SSH to a remote server:

* 2 public keys are involved: identity key, private key pair; one is in the known hosts file (for connecting to the machine).
* If you rm known_hosts and then ssh, you will be asked whether to add the key to your host file.
* What happens if a person tries to impersonate your machine (same IP address)?
  - It will identify that it is a fake from the host.
* cat .ssh/known_hosts: the first line is a hashed version of an IP address.
* SSH daemon: runs in the background and must have a public key to identify itself. It is a process that runs in the background (connects 1 file system to another).
  - It connects sockets and listens for connections. It doesn't interact with the user.

Thursday: written version of the solutions for the midterm, and we will talk about assignment 4.

3000 class content

We didn't discuss scheduling much:

* Virtual memory: similar to scheduling, since if you don't have enough memory, you delete the page that you expect to need last. Choosing which pages you replace: one-handed and two-handed clocks.
* Power management
* Security
* Virtualization: not one thing; VMware, systems which run multiple kernels.

SSH question a student asked: how can they know that the other side has the private key that belongs to the pubkey? It sends a public key or a hash of the pubkey, then there is an exchange: "yes, I have a secret key which can be inverted by the pubkey". The private key must be the corresponding one. It encrypts with the private key and sends it back.
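The answer to "why can you remove a file owned by root?" above, written out as an added example (not code from the lecture): a simplified model of the unlink permission check, in which the file's own mode never appears. The function names and the sample uids are hypothetical; the restricted-deletion rule shown for /tmp is the `t` bit (`S_ISVTX`) on the directory.

```python
import os
import stat

def may_unlink(dir_mode, dir_uid, dir_gid, file_uid, euid, groups=()):
    """Simplified model of the kernel's unlink() permission check.

    Assumption: classic mode bits only (no ACLs, no capabilities besides
    euid 0, no immutable flags). The file's own mode is deliberately not
    an argument: it plays no part in the decision.
    """
    if euid == 0:
        return True
    # Select the permission class that applies to the caller for the directory.
    if euid == dir_uid:
        perms = (dir_mode >> 6) & 0o7
    elif dir_gid in groups:
        perms = (dir_mode >> 3) & 0o7
    else:
        perms = dir_mode & 0o7
    # Removing a name needs write and search (w+x) on the directory.
    if perms & 0o3 != 0o3:
        return False
    # Sticky directory (/tmp): only the file's owner or the directory's owner.
    if dir_mode & stat.S_ISVTX:
        return euid in (file_uid, dir_uid)
    return True

def may_unlink_path(path, euid, groups=()):
    """Apply the model to a real path: stat its parent, lstat the file."""
    parent = os.stat(os.path.dirname(os.path.abspath(path)))
    target = os.lstat(path)
    return may_unlink(parent.st_mode, parent.st_uid, parent.st_gid,
                      target.st_uid, euid, groups)

# Constructed cases: (dir mode, dir uid, dir gid, file uid, caller euid)
CASES = {
    "root-owned file in my 0755 home dir": (0o755, 1000, 1000, 0, 1000),
    "root-owned file in sticky /tmp":      (0o1777, 0, 0, 0, 1000),
    "my own file in sticky /tmp":          (0o1777, 0, 0, 1000, 1000),
    "file in a directory I cannot write":  (0o555, 1000, 1000, 1000, 1000),
}

if __name__ == "__main__":
    for name, args in CASES.items():
        print(f"{name}: {'allowed' if may_unlink(*args) else 'denied'}")
```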
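The known hosts check from the SSH notes above, as an added example (not code from the lecture): it builds and verifies the hashed host field that OpenSSH writes when HashKnownHosts is enabled (`|1|salt|HMAC-SHA1`), and reports whether a presented host key matches, is unknown (first contact), or conflicts with the recorded one (the impersonation case). The function names, salt, address and key blobs are constructed for illustration; wildcard patterns and `@` marker lines are not modelled.

```python
import base64
import hashlib
import hmac

def hash_host(host, salt):
    """Build a hashed host field: |1|b64(salt)|b64(HMAC-SHA1(key=salt, msg=host))."""
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return "|1|{}|{}".format(base64.b64encode(salt).decode(),
                             base64.b64encode(mac).decode())

def host_field_matches(field, host):
    """True if a known_hosts host field (hashed or plain) names `host`."""
    if not field.startswith("|1|"):
        return host in field.split(",")      # plain form; wildcards not handled
    parts = field.split("|")
    if len(parts) != 4:                      # malformed hashed field
        return False
    salt = base64.b64decode(parts[2])
    mac = hmac.new(salt, host.encode(), hashlib.sha1).digest()
    return hmac.compare_digest(mac, base64.b64decode(parts[3]))

def check_host_key(known_hosts, host, key_type, key_b64):
    """Return 'match', 'mismatch' (possible impersonation) or 'unknown'."""
    recorded = False
    for line in known_hosts.splitlines():
        fields = line.split()
        # Skip blanks, comments and @marker lines (not modelled here).
        if len(fields) < 3 or fields[0][0] in "#@":
            continue
        field, ktype, kdata = fields[:3]
        if ktype != key_type or not host_field_matches(field, host):
            continue
        if kdata == key_b64:
            return "match"
        recorded = True
    return "mismatch" if recorded else "unknown"

# Constructed sample data: salt and key blobs are placeholders, not real keys.
SALT = bytes(range(20))
KEY_SERVER = "AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVkLXNlcnZlci1rZXk="
KEY_OTHER = "AAAAC3NzaC1lZDI1NTE5AAAAIGNvbnN0cnVjdGVkLW90aGVyLWtleQ=="
KNOWN_HOSTS = hash_host("192.0.2.10", SALT) + " ssh-ed25519 " + KEY_SERVER + "\n"

if __name__ == "__main__":
    print(KNOWN_HOSTS.strip())
    for host, key in [("192.0.2.10", KEY_SERVER), ("192.0.2.10", KEY_OTHER),
                      ("192.0.2.11", KEY_SERVER)]:
        print(host, check_host_key(KNOWN_HOSTS, host, "ssh-ed25519", key))
```

Because the host field is an HMAC keyed by a per-line salt, the file cannot be read as a list of addresses, but a candidate address can still be tested against each line, which is what the lookup does.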