Computer Science 322 Operating Systems
Mount Holyoke College
Spring 2008

Topic Notes: Protection and Security

The operating system is (in part) responsible for protection: ensuring that each object (hardware or software) is accessed correctly and only by those processes that are allowed to access it. We have seen protection in a few contexts:

- memory protection
- file protection
- CPU protection

We want to protect against both malicious and unintentional problems.

Protection Domains

There are a number of ways that an OS might organize the access rights for its protection system. A domain is a set of access rights and the objects (devices, files, etc.) they refer to. An abstract example from another text (Tanenbaum):

This just means that processes executing in, for example, domain 1 can read file1 and can read and write file2.

The standard Unix protection system can be viewed this way. A process' domain is defined by its user id (UID) and group id (GID). Files (and devices, since devices in Unix are typically accessed through special files) have permissions for user, group, and other; each can have read, write, and/or execute permission.

A process begins with the UID and GID of the process that created it, but can set its UID and GID during execution. Whether a process is allowed a certain type of access to a certain file is determined by the UID and GID of the process together with the file's ownership and permissions. The superuser (UID=0) has the ability to set processes to any UID/GID. Regular users usually rely on setuid and setgid programs in the filesystem to change UID/GID.
An executable file with the setuid (setgid) bit set will execute with the effective UID (GID) of the file's owner rather than that of the process that runs it.

See Example: /cluster/examples/setuid

In this example, we see the use of several system calls related to user and group ids. We can get our uid, effective uid, and gid with system calls. The uid and gid are those of the user who started the process and that user's default group. The effective uid can be changed if the setuid bit is set on the program file. We can set the setuid and setgid bits of the file with the chmod command, and the file's group with chgrp.

Example: see /usr/X11R6/bin/xterm on your favorite Unix system. Yes, each time you start an xterm, you're the superuser (!), at least for a few moments.

Recall that almost everything in the Unix world that requires protection by the OS uses the file system and its permissions:

- ttys (mesg/write)
- named pipes/semaphores
- process information (procfs)

Other possible protection mechanisms:

- protection matrix
- access control lists
- capabilities

In any case, the OS must enforce the protection mechanism as appropriate.
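The following C program is an added example, not part of the course notes or of the /cluster/examples/setuid program they refer to. It models the two rules the notes describe: how a process' domain (effective UID, GID and supplementary groups) is checked against a file's owner, group and permission bits, and how the setuid/setgid bits change the effective identity a program runs with. The struct and function names (unix_access_allowed, identity_after_exec, check, euid_after) are my own, and the model is deliberately simplified: it ignores ACLs, directory search semantics and filesystem mount options. Run without arguments it prints the real and effective ids via getuid()/geteuid()/getgid()/getegid(); given a path it reports what exec'ing that file would do.

```c
/* Added example (not from the course notes): a model of the Unix protection
 * check.  A process's domain is its effective UID/GID plus supplementary
 * groups; an object is a file with owner, group and a permission mode. */
#include <stdio.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

/* Requested access kinds, using the same bit values as a mode triplet. */
#define ACC_READ  4
#define ACC_WRITE 2
#define ACC_EXEC  1

struct domain {              /* a process's protection domain */
    uid_t euid;
    gid_t egid;
    const gid_t *groups;     /* supplementary groups (may be NULL) */
    size_t ngroups;
};

struct object {              /* a file as seen by the access check */
    uid_t owner;
    gid_t group;
    mode_t mode;             /* rwx triplets plus setuid/setgid bits */
};

static int in_groups(const struct domain *d, gid_t g)
{
    if (d->egid == g)
        return 1;
    for (size_t i = 0; i < d->ngroups; i++)
        if (d->groups[i] == g)
            return 1;
    return 0;
}

/* 1 if every bit of `want` (ACC_*) is granted, else 0.  Classic Unix rule:
 * select exactly one triplet (owner if the euid matches, else group if any
 * gid matches, else other) and compare.  UID 0 bypasses read/write checks
 * but for execute still needs an x bit somewhere in the mode. */
int unix_access_allowed(const struct domain *d, const struct object *o, int want)
{
    int granted;
    if (d->euid == 0) {
        if (want & ACC_EXEC)
            return (o->mode & (S_IXUSR | S_IXGRP | S_IXOTH)) != 0;
        return 1;
    }
    if (d->euid == o->owner)
        granted = (o->mode >> 6) & 7;
    else if (in_groups(d, o->group))
        granted = (o->mode >> 3) & 7;
    else
        granted = o->mode & 7;
    return (granted & want) == want;
}

/* Effective identity after exec'ing `o`: with the setuid (setgid) bit set,
 * the effective UID (GID) becomes the file's owner (group).  The real
 * UID/GID, which getuid()/getgid() report, are unchanged. */
void identity_after_exec(const struct domain *caller, const struct object *o,
                         uid_t *euid_out, gid_t *egid_out)
{
    *euid_out = (o->mode & S_ISUID) ? o->owner : caller->euid;
    *egid_out = (o->mode & S_ISGID) ? o->group : caller->egid;
}

/* Wrappers so single cases can be checked with literals (hypothetical names). */
int check(uid_t euid, gid_t egid, gid_t extra_group,
          uid_t owner, gid_t group, mode_t mode, int want)
{
    gid_t gs[1] = { extra_group };
    struct domain d = { euid, egid, gs, 1 };
    struct object o = { owner, group, mode };
    return unix_access_allowed(&d, &o, want);
}

uid_t euid_after(mode_t mode, uid_t owner, uid_t caller_euid)
{
    struct domain c = { caller_euid, 0, NULL, 0 };
    struct object o = { owner, 0, mode };
    uid_t eu; gid_t eg;
    identity_after_exec(&c, &o, &eu, &eg);
    return eu;
}

int main(int argc, char **argv)
{
    printf("real uid %u, effective uid %u, real gid %u, effective gid %u\n",
           (unsigned)getuid(), (unsigned)geteuid(),
           (unsigned)getgid(), (unsigned)getegid());
    if (argc > 1) {               /* report what exec'ing argv[1] would do */
        struct stat st;
        if (stat(argv[1], &st) != 0) { perror("stat"); return 1; }
        struct object o = { st.st_uid, st.st_gid, st.st_mode };
        struct domain me = { geteuid(), getegid(), NULL, 0 };  /* no supp. groups */
        uid_t eu; gid_t eg;
        identity_after_exec(&me, &o, &eu, &eg);
        printf("%s: %s, would run with euid %u, egid %u\n", argv[1],
               unix_access_allowed(&me, &o, ACC_EXEC) ? "executable" : "not executable",
               (unsigned)eu, (unsigned)eg);
    }
    return 0;
}
```

Pointing it at a setuid-root binary such as the xterm mentioned above shows the notes' point directly: the file is executable by an ordinary user, and the reported post-exec euid is 0 even though the real uid stays the user's. The order of the triplet selection also matters for defenders: a file with mode 0640 owned by you is not readable by you through a group match if the owner triplet denies it, because only the first matching triplet is consulted.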