Difference between revisions of "Operating Systems 2017F Lecture 23"
| Line 14: | Line 14: | ||
- is it running "bad code" <br> | - is it running "bad code" <br> | ||
- is it doing "bad things" <br> | - is it doing "bad things" <br> | ||
-- For example: password program start modifying files other than etc/password. You | -- For example: password program start modifying files other than etc/password. You could specify rules to prevent this. <br> | ||
-- bad system calls | -- bad system calls<br> | ||
For a process to do damage, it has to make "bad" system calls <br> | |||
I want to be lazy <br> | |||
- complex rules are a pain <br> | |||
- and they don't work well either <br> | |||
Make the computer solve this problem <br> | |||
Revision as of 14:39, 7 December 2017
Additional Notes
Written solutions for midterm exam are on the course webpage
Assignment 4
Q2: SSH keygen generates the secret key and the public key file. The private key is stored in the private key file: .ssh/id_rsa
Q4: Both lines because first you start from 1 and then increment from there.
Q11: Only bs because it is write. Would be ibs and bs if it was read.
Q12: Local kernel forwards the write system call but doesn't actually make the system call. Kernels don't make system calls.
Lecture 23 Prof Notes
How can you tell when a process has been compromised.
- from outside the process
Use signatures
- is it running "bad code"
- is it doing "bad things"
-- For example: password program start modifying files other than etc/password. You could specify rules to prevent this.
-- bad system calls
For a process to do damage, it has to make "bad" system calls
I want to be lazy
- complex rules are a pain
- and they don't work well either
Make the computer solve this problem