seed-capabilities.pdf

If there are não precisa se usar nossa vm uml

This preview shows page 2 - 5 out of 7 pages.

, your effective user id becomes root, and the running process is very powerful. If there are não precisa se usar nossa VM UML
Image of page 2

Subscribe to view the full document.

Laboratory for Computer Security Education 3 vulnerabilities in ping , the entire system can be compromised. The question is whether we can remove these privileged from ping . Let us turn /bin/ping into a non- Set-UID program. This can be done via the following command (you need to login as the root): # chmod u-s /bin/ping Note: Binary fi les like ping may locate in different places in different distribution of Linux, use ’which ping’ to locate your ping program. Now, run ’ping ; , and see what happens. Interestingly, the command will not work. This is because ping needs to open RAW socket, which is a privileged operation that can only be conducted by root (before capabilities are implemented). That is why ping has to be a Set-UID program. With capability, we do not need to give too much power to ping . Let us only assign the cap net raw capability to ping , and see what happens: $ su root # setcap cap_net_raw=ep /bin/ping # su normal_user $ ping Question 1: Please turn the following Set-UID programs into non- Set-UID programs, without affect- ing the behaviors of these programs. /usr/bin/passwd Question 2: You have seen what we can do with the cap net raw capability. We would like you to get familiar with several other capabilities. For each of the following capabilities, do the following: (1) explain the purpose of this capability; (2) fi nd a program to demonstrate the effect of these capabilities (you can run the application with and without the capability, and explain the difference in the results). You can also write your own applications if you prefer, as long as they can demonstrate the effect of the capability. Here is the list of capabilities that you need to work on (read include/linux/capability.h to learn about the capabilities). cap dac read search cap dac override cap fowner cap chown cap fsetid cap sys module cap kill cap net admin
Image of page 3
Laboratory for Computer Security Education 4 cap net raw cap sys nice cap sys time 3.2 Task 2: Adjusting Privileges Compared to the access control using ACL (Access Control List), capabilities has another advantage: it is quite convenient to dynamically adjust the amount of privileges a process has, which is essential for achieve the principle of least privilege. For example, when a privilege is no longer needed in a process, we should allow the process to permanently remove the capabilities relevant to this privilege. Therefore, even if the process is compromised, attackers will not be able to gain these deleted capabilities. Adjusting privileges can be achieved using the following capability management operations. 1. Deleting: A process can permanently delete a capability. 2. Disabling: A process can temporarily disable a capability. Unlike deleting, disabling is only tempo- rary; the process can later enable it.
Image of page 4

Subscribe to view the full document.

Image of page 5
  • Fall '19
  • Access control list, Linux kernel, Capability-based security, Principle of least privilege, Computer Security Education

{[ snackBarMessage ]}

What students are saying

  • Left Quote Icon

    As a current student on this bumpy collegiate pathway, I stumbled upon Course Hero, where I can find study resources for nearly all my courses, get online help from tutors 24/7, and even share my old projects, papers, and lecture notes with other students.

    Student Picture

    Kiran Temple University Fox School of Business ‘17, Course Hero Intern

  • Left Quote Icon

    I cannot even describe how much Course Hero helped me this summer. It’s truly become something I can always rely on and help me. In the end, I was not only able to survive summer classes, but I was able to thrive thanks to Course Hero.

    Student Picture

    Dana University of Pennsylvania ‘17, Course Hero Intern

  • Left Quote Icon

    The ability to access any university’s resources through Course Hero proved invaluable in my case. I was behind on Tulane coursework and actually used UCLA’s materials to help me move forward and get everything together on time.

    Student Picture

    Jill Tulane University ‘16, Course Hero Intern