Lec 3 Set_UID Env_varible shell v1.0.pdf - Welcome to PES University Ring Road Campus Bengaluru CS 421 Information Security OS WEB CLOUD IOT MOBILE

Lec 3 Set_UID Env_varible shell v1.0.pdf - Welcome to PES...

This preview shows page 1 - 14 out of 107 pages.

Welcome to PES University , Ring Road Campus, Bengaluru
Image of page 1

Subscribe to view the full document.

CS 421 Information Security OS, WEB, CLOUD, IOT, MOBILE Lecture 2, 16 Aug 2019 Prasad Honnavalli
Image of page 2
Disclaimer This presentation is purely educational. The views expressed by the presenter is not representation of any organization. The views are based on professional experience of the presenter and no liability is accepted by the presenter in the event of any potential or perceived losses resulting from this presentation. 21 Aug 2019 3
Image of page 3

Subscribe to view the full document.

General rules of engagement Raise your hand - if you have a Question 21 Aug 2019 4
Image of page 4
A note on security In this course, you will be exposed to information about security problems and vulnerabilities with computing systems and networks. You will be exposed to Malware Analysis. To be clear, you are not to use this or any other similar information to test the security of, break into, compromise, or otherwise attack, any system or network without the express consent of the owner. In particular, you will comply with all my instructions when doing the labs. My instructions will be in consonance with applicable laws of India and PES University policies. If in any doubt, Please consult your professor! Any violation is at YOUR RISK! And may result in severe consequences 21 Aug 2019 5
Image of page 5

Subscribe to view the full document.

TIOBE Index for August 2019 21 Aug 2019 6
Image of page 6
For those unfamiliar with C Google these things (in this order): C pointers Pointer arithmetic Pointers and arrays C dynamic memory allocation C sizeof operator 21 Aug 2019 7
Image of page 7

Subscribe to view the full document.

32 bit Machine Type Size (in bytes) int or signed int 4 char 2 long 8 float 8 double 16 21 Aug 2019 8 Note: We cannot add two pointers. This is because pointers contain addresses, adding two addresses makes no sense, because you have no idea what it would point to. But we can subtract two pointers. This is because difference between two pointers gives the number of elements of its data type that can be stored between the two pointers. The concept of pointer arithmetic remains exact same, but the size of pointer and various datatypes is different in a 32 bit machine. Pointer in 32 bit machine is of 4 bytes . And, following is a table for Size of datatypes on 32-bit Machine :
Image of page 8
Set-UID Privileged Programs This is based on the book Computer Security - a hands-on approach by WenLiang Du
Image of page 9

Subscribe to view the full document.

Need for Privileged Programs Password Dilemma Permissions of /etc/shadow How would normal users change their password? In Linux, users’ password is stored in the shadow file 21 Aug 2019 10
Image of page 10
Two-Tier Approach Implementing fine-grained access control in operating systems make OS over complicated. OS relies on extension to enforce fine-grained access control Privileged programs are such extensions 21 Aug 2019 11
Image of page 11

Subscribe to view the full document.

Types of Privileged Programs Daemons Computer program that runs in the background Needs to run as root or other privileged users Set-UID Programs Widely used in UNIX systems Program marked with a special bit 21 Aug 2019 12
Image of page 12
Superman Story Power Suit Superpeople: Directly give them the power
Image of page 13

Subscribe to view the full document.

Image of page 14
  • Winter '17
  • student

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes