Operating Systems

Recitation 11, June 9-10, 2002
Motivation
• Privileged facility needs to be available for
general users.
• Example:
Allow user to perform specific operation that
requires root permissions.
Process and file identities
• Process:
(user ID, group ID) x (real, effective)
real: user running program
effective: user whose permissions are used to
access files and resources.
• File:
owner ID, group owner ID
domain (set user ID) bit.
Domain bit (set user ID bit)
• If user X executes a file owned by Y,
whose domain bit is off, then real and
effective user ID’s of process are set to X.
• If domain bit is on, then real user ID of
process is set to X, and effective user ID is
set to Y.
Process real and effective user ID’s
#include <sys/types.h>
#include <unistd.h>
uid_t getuid(void);
uid_t geteuid(void);
• Return real, effective user ID of calling
process.
Process real and effective user ID’s
#include <sys/types.h>
#include <unistd.h>
int setuid(uid_t uid);
• Sets both real and effective user ID’s.
• Only super-user.
int seteuid(uid_t uid);
• Set effective user ID of process.
• Return 0 if OK, -1 on error.
Password file
• User name: char* pw_name
• Encrypted password: char* pw_passwd
• Numerical user ID: uid_t pw_uid
• Numerical group ID: gid_t pw_gid
• Comment field: char* pw_gecos
• Initial working dir: char* pw_dir
• Initial shell: char* pw_shell
Entries in password file
#include <sys/types.h>
#include <pwd.h>
struct passwd* getpwuid(uid_t uid);
struct passwd* getpwnam(const char *name);
• Return pointer if OK, NULL on error.
• Examples:
– getpwuid is used by ls program to map numerical
user ID in i-node to user’s login.
– getpwnam is used by login program when entering
login name.
Passwords in Unix
• Encryption of Unix passwords: one-way function
(crypt).
• User passwords are far from random.
• Brute force (statistical, dictionary): educated
guess, apply function, compare result.
• Shadow passwords: instead of visible encrypted
passwords (in /etc/passwd file), store with root
access (in /etc/shadow file).
• Breakable.
Exercise description
• Write a program that reads information
from two files which only have owner
permissions, by setting the program’s set-user-ID bit.
• User x runs a program owned by user y,
and the program’s domain (suid) bit is on.
• Users x and y each have a secret file in
their initial directory that only they can
access.
• Program prints a line from both files.
Exercise description
1. Get real user ID (user running program).
Set effective user to real user (if file suid
bit is on then effective user was initially
the program owner).
Read first line of file named secret which
is in user’s initial directory, and print out
user’s name, full path of secret file, and
first line of secret file.
Exercise description
2. Get user ID of program owner using stat
function (st_uid member in stat
structure).
Exercise description
3. Get user name and initial directory of
program owner.
Set effective user ID (back) to program
owner.
Read first line of secret file which is in
user’s initial directory, and print out user’s
name, full path of secret file, and first line
of secret file.
Exercise notes
• Save file named secret only with owner
read/write permissions (chmod 600).
• Other users can access this file only using
the ex-suid program.
Exercise description
• Example run:
% /tmp/y/program
real user: x
secret file: /a/home/cc/students/cs/x/secret
secret: X
program owner: y
secret file: /a/home/cc/cs/y/secret
secret: Y
Exercise submission
• Submission: optional.
• Software
Directory: ~username/os02b/ex-suid
Files: ex-suid.c
Permissions: chmod ugo+rx (to above)
• Hardcopy
name, ID, login, CID
ex-suid.c
submit in 281, Nir Noimark
• Environment: Unix, Linux