All of the commands in the program are executed by the owner and not by the

All of the commands in the program are executed by

This preview shows page 90 - 91 out of 102 pages.

owner of the program. All of the commands in the program are executed by the owner and not by the user-id of the person who ran the program. If the owner of the setuid program id root then the commands in the program are run with root privileges ! Setuid programs are clearly a touchy security issue. When giving away one's rights to another user (especially those of root ) one is tempting hackers. Setuid programs must be secure . A setgid program is almost the same, but only the group id is set to that of the owner of the file. Often the effect is the same. An example of a setuid program is the ps program. ps lists all of the processes running in the kernel. In order to do this it needs permission to access the private data structures in the kernel. By making ps setgid root, it allows ordinary users to be able to read as much as the writers of ps thought fit, but no more. Naturally, only the superuser can make a file setuid or setgid root. Next, we have the problem of what to do with setuid programs which are read across the network. If we mount a filesystem across a network, we have no control over what goes into the file. Suppose then a stupid system administrator, angry at the world and dying for revenge, made a setuid root program which executed every command every user gave to it - then suddenly everybody who accessed this file over the network would have root access on their local machine! Clearly careless setuid programs can be a security risk, so network-based filesystems give the option of disallowing setuid programs. 8.4 Backups Accidents happen even to the most careful users. Users delete files without meaning to, power failure leads to disk corruption, software bugs can delete files, system administrators can make mistakes - and of course someone might actually steal your computer! User data are the most important part of a computer system - anything else can be replaced. New disks can be bought, software can be loaded in afresh - but once user data are gone, they are gone. It is therefore important to backup user data regularly. From a network vantage point, it is useful to be able to take backups centrally. In BSD UNIX, this can be done using the rdump command. Backing up data is expensive - both in terms of man-hours and in the cost of storage media. Some systems use secondary disks to keep backups of important data. The cheaper alternative is to use tape. Tape comes in many forms. the most common in use today are Standard -inch tape cartidges. EXABYTE 8mm (video tape!) DAT (Digital audio tape) Larger systems may also use half-inch tape. Tape machines are becoming more intelligent and often include compression software in their device drivers which packs more information into the same space on the tape. An EXABYTE video tape with normal compression can hold up to 5GB of data. Newer drives support 10GB, but device drivers are not easy to come by.
Image of page 90
Image of page 91

You've reached the end of your free preview.

Want to read all 102 pages?

  • One '20

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern

Ask Expert Tutors You can ask You can ask ( soon) You can ask (will expire )
Answers in as fast as 15 minutes