Difference between revisions of "Operating Systems 2017F Lecture 23"
| Line 5: | Line 5: | ||
Q2: SSH keygen generates the secret key and the public key file. The private key is stored in the private key file: .ssh/id_rsa <br> | Q2: SSH keygen generates the secret key and the public key file. The private key is stored in the private key file: .ssh/id_rsa <br> | ||
Q4: Both lines because first you start from 1 and then increment from there. <br> | Q4: Both lines because first you start from 1 and then increment from there. <br> | ||
Q11: Only bs because it is write. Would be ibs and bs if it was read. | Q11: Only bs because it is write. Would be ibs and bs if it was read. <br> | ||
Q12: Local kernel forwards the write system call but doesn't actually make the system call. Kernels don't make system calls. | Q12: Local kernel forwards the write system call but doesn't actually make the system call. Kernels don't make system calls.<br> | ||
Lecture 23 Prof Notes <br> | |||
----------------- | |||
How can you tell when a process has been compromised. <br> | |||
- from outside the process <br> | |||
Use signatures <br> | |||
- is it running "bad code" <br> | |||
- is it doing "bad things" <br> | |||
-- For example: password program start modifying files other than etc/password. You should specify rules to prevent this. <br> | |||
-- bad system calls | |||
Revision as of 14:34, 7 December 2017
Additional Notes
Written solutions for midterm exam are on the course webpage
Assignment 4
Q2: SSH keygen generates the secret key and the public key file. The private key is stored in the private key file: .ssh/id_rsa
Q4: Both lines because first you start from 1 and then increment from there.
Q11: Only bs because it is write. Would be ibs and bs if it was read.
Q12: Local kernel forwards the write system call but doesn't actually make the system call. Kernels don't make system calls.
Lecture 23 Prof Notes
How can you tell when a process has been compromised.
- from outside the process
Use signatures
- is it running "bad code"
- is it doing "bad things"
-- For example: password program start modifying files other than etc/password. You should specify rules to prevent this.
-- bad system calls