OS_FS_STEM2015x - CSAW Program for High School Women


FILE SYSTEMS AND OPERATING SYSTEMS: THEIR ROLES AND CONTRIBUTIONS TO SECURITY
SLIDES FROM ANAM WAHEED, TEHILA MINKUS, THOMAS SELLIE-LUND, AND ADDED TO BY LINDA
JOKE OF THE DAY
https://www.xkcd.com/149/
WHAT IS THE COMMAND LINE INTERFACE
• Non-graphical UI
• Simple interface to the entire system
• Every command is a program: when you enter it, the shell searches through a list of standard directories (e.g. /bin, /usr/bin, ...), in order, for a program with that name, and then runs it
• You can add “arguments” that are given to the program as raw text; the program then decides what they are and what to do with them. Each argument is separated by a space.
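The search described above, as an added example in Python that is not part of the original slides: a small resolver that walks a PATH-style list of directories the way a shell does, plus the check a security person makes on that list. A directory that anyone can write to, if it comes before /bin, lets anyone plant a fake ls that is found and run instead of /bin/ls. The directory names and the fake command are constructed for the example; executability is judged from the file's permission bits, whereas a real shell asks the kernel, which also takes into account who you are.

```python
import os
import stat
import tempfile


def _is_executable(path):
    """Regular file with at least one execute bit set (assumption: we judge by
    the bits alone; a shell asks the kernel, which also considers the user)."""
    try:
        st = os.stat(path)
    except FileNotFoundError:
        return False
    return stat.S_ISREG(st.st_mode) and bool(st.st_mode & 0o111)


def resolve_command(name, path):
    """Return the program a shell would run for `name`: the first directory in
    `path` (a PATH-style string) holding an executable file of that name, or
    None. A name containing '/' is an explicit path and is not searched for."""
    if "/" in name:
        return name if _is_executable(name) else None
    for directory in path.split(os.pathsep):
        candidate = os.path.join(directory or ".", name)
        if _is_executable(candidate):
            return candidate
    return None


def writable_by_others(directory):
    """True if any user can create files in `directory` (other-write bit set
    and no sticky bit). Such a directory early in PATH lets anyone plant a
    fake `ls` that is found before /bin/ls."""
    try:
        mode = os.stat(directory).st_mode
    except FileNotFoundError:
        return False
    return bool(mode & stat.S_IWOTH) and not bool(mode & stat.S_ISVTX)


def path_audit(path):
    """Directories in `path` that an attacker could drop a program into."""
    return [d for d in path.split(os.pathsep) if writable_by_others(d)]


def demo():
    """Constructed scenario (not from the slides): two PATH directories, the
    real command only in the second, and the first one world-writable."""
    root = tempfile.mkdtemp()
    first, second = os.path.join(root, "first"), os.path.join(root, "second")
    os.mkdir(first)
    os.mkdir(second)
    os.chmod(first, 0o777)                          # anyone can write here: hijack risk
    real_ls = os.path.join(second, "ls")
    with open(real_ls, "w") as f:
        f.write("#!/bin/sh\necho hello\n")
    os.chmod(real_ls, 0o755)
    open(os.path.join(first, "cat"), "w").close()   # same name as a command, but not executable
    path = os.pathsep.join([first, second])
    return {
        "ls_found_in_second": resolve_command("ls", path) == real_ls,
        "non_executable_skipped": resolve_command("cat", path) is None,
        "risky_dirs": path_audit(path) == [first],
    }


if __name__ == "__main__":
    print(demo())
```

The fix for a flagged directory is the same as for any least-privilege problem: take the write bit away from “others” (or drop the directory from PATH), and never put the current directory “.” in front of the system directories.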
REMEMBER!
• cd changes the “current directory” to whatever you enter
• One of the few things actually handled by the shell itself, instead of being executed as a program (a separate program could only change its own current directory, not the shell’s)
• ls lists the directory contents
• The executable program ls is located on our machines (and most others) at /bin/ls
NEW THINGS!
• The command line can do practically anything on the system (provided you know the commands)!
• Let’s make a file on the command line.
• touch wonderfile
• Now use ls to see what files you have!
• touch makes an empty file with whatever name you provide, or, if the file already exists, updates its last modified time
NOW LET’S MAKE A DIRECTORY OR TWO
• mkdir Sandbox
• ls
• cd Sandbox
• mkdir fundir
• ls
NOW LET’S PUT OUR FILE IN THE DIRECTORY!
• mv moves files around!
• Let’s put wonderfile in fundir
• mv ../wonderfile fundir
• OR! Because I put wonderfile in home, I can do
• mv ~/wonderfile fundir
NOW LET’S MAKE A COPY OF THAT WONDERFULLY EMPTY FILE!
• cp fundir/wonderfile .
• cp fundir/wonderfile hithere
• ls
YOU CAN MODIFY THE BEHAVIOR OF COMMANDS BY ADDING AN ARGUMENT!
• ls -R
• Goes through all subdirectories as well!
• Careful! This can take a long time to complete if you start it high enough up in the directory system!
• This can be referred to by techy people as
• ls opt R
• ls dash R
• ls tack R
GETTING COOL INFO
• ls -l gets you all the cool info about the file (permissions, owner, group, size, and modification time)
REMOVING THINGS
• rm removes the file it is passed as an argument
• rm doesn’t remove directories
DESTROYING A DIRECTORY
• rmdir is the command you can use to destroy a directory
• The directory must be empty though
• HOWEVER
• Remember rm?
• rm -r can destroy directories (and all the things inside as well)
WARNING!
• rm -r is useful, but it is indiscriminate and can be very dangerous! (Certain things will make it prompt you before deleting; the prompts can be disabled with another argument, -f, which makes it more dangerous still.)
• You can use it to delete a massive amount of things very quickly, and there is no “recycle bin” to restore the files from
OTHER THINGS!
• Let’s get a new program onto the computer!
• apt-get install tree
• What went wrong?
SUDO
• This is a system administration task, working with protected folders and files
• You need to tell the computer to do this with administrative (also known as root or superuser) access rights (least privilege and other security principles demand that most tasks don’t have access to administrative files)
• So we need to add “sudo” to the front of the command
• sudo apt-get install tree
APT-GET
• What?!
• Don’t worry about it
• APT-GET gets a package from a list of “trusted” sources (the package lists it downloads are signed, and apt checks the signatures against keys installed on your machine before installing anything)
• All of those lines deal with the technical specifications of getting the utility.
• For utilities that require other utilities, you may need to review a list of dependencies and accept the list first.
Command Line “Simon Says” Activity
WE BEGIN OUR QUEST WITH FILE SYSTEMS
How is your computer organized?
Looks like a resource manager would be useful here!
How would you organize this room?
DEVICE TYPE MATTERS
Hard Disk Drive
Transistor
SSD
Magnetic Tape
Optical Disk
LET’S LOOK AT SOME WORKING FILE SYSTEMS
1. NTFS (New Technology File System)
2. FAT (File Allocation Table) File System
MOVING ON TO NTFS!
• Inode Blocks
• Data Blocks
• Allocation Bit Maps
(The sample that follows uses a generic inode-and-bitmap layout to explain the ideas; NTFS itself keeps its file records in the Master File Table, compared on a later slide.)
STORE A SAMPLE MESSAGE
Message:
This is a sample message for
understanding NTFS. We need to
understand how bit maps and inodes
work in order to do this. Storing this
message is a good way to illustrate their
roles (and I’m sure preferable to
listening to us blab on about them).
REMEMBER THE WAREHOUSE?
[Figure: block layout of the sample volume. Block 0: Boot; block 1: Super; blocks 2-5 and 6-8: the inode block and data block allocation bit maps; blocks 9-1883: inode blocks; blocks 1884-20000: data blocks. The pairing of the two bit-map ranges with inode vs. data follows the order on the slide.]
COMMON FILE SYSTEMS
FAT
• Uses directory entries?
NTFS
• Uses a Master File Table (MFT)?
• Allocation bit maps
• More complex
• Includes logging
• Default filesystem for Windows XP and newer
Interactive File System Activity
DIRECTORY HIERARCHY
• Directory structure: what you see!
• File System: what the computer sees
SLIDES ON NTFS IN MACHINE
HOW DOES FAT WORK?
• Have a huge “table” with each cell having a mathematical mapping to a spot on disk.
• Store filenames & other information, along with the start of the file in question, in a “directory” file (also known as a folder), with each sub-directory containing the reference to its parent. Have a “special” spot for the “root” directory.
SO WHAT DOES IT ACTUALLY LOOK LIKE?
[Figure, NOT to scale: the disk from its start: MBR | File System Information (FAT32 only) | The File Allocation Table | “Root” directory | Data Blocks]
How does the OS add a file in FAT?
• Add an entry to the directory (which acts like a
file itself) with the file’s name.
• Using the FAT table, find an empty address
• Write that address into the directory
• Fill in that space on the disk with your data
– If it’s too big, then write a FAT entry with the
location of the next empty spot and check again!
– Otherwise, write a special entry type in the FAT table
(signifying the end of the file) and you’re good
FAT EXAMPLE!
[Figure: a data store with Block 1, Block 2 and Block 3 holding the new file, next to the FAT entries for clusters 0x5566 to 0x556D and their associated bitmap. As far as the layout can be recovered, the new file's chain runs 0x5566 → 0x5569 → 0x556B → 0xFFFF (the special end-of-file entry); 0x5567 → 0x5568 → 0x556A → 0x87AF and 0x556D → 0xAA7C belong to existing files, and entries of 0x0 (e.g. 0x556C) are free.]
How does the OS find a file in FAT?
• Find its first block location (stored in the
“folder”) (folders have a lot in common with
files)
• Follow and record the chain of FAT slots until
you see one that’s marked with the special
“end” character
• Then get the data and give it to the program
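The add-a-file and find-a-file procedures above, as an added example in Python that is not part of the original slides: a toy FAT volume with a table of “next cluster” entries, a data area and a flat root directory. It goes a little beyond the slides in two ways a practitioner cares about: it shows that deleting a file only frees its chain and leaves the bytes on disk (which is what forensic recovery relies on, and why there is no recycle bin), and it refuses to follow a chain that loops or points at a free cluster, since a corrupted or malicious table would otherwise hang the reader. Cluster numbers, the 0xFFFF end marker and the sample file contents are constructed for the example.

```python
FREE = 0x0                 # unused cluster
EOF_MARK = 0xFFFF          # the special "end of file" entry, as in the slide
FIRST_DATA_CLUSTER = 2     # real FAT reserves entries 0 and 1, so 0x0 never names a data cluster


class TinyFAT:
    """Toy FAT volume: a table of 'next cluster' entries, a data area and a
    flat root directory mapping file names to first clusters."""

    def __init__(self, n_clusters, cluster_size):
        self.fat = [FREE] * n_clusters
        self.data = [b""] * n_clusters
        self.cluster_size = cluster_size
        self.root = {}                     # directory entry: name -> first cluster

    def _next_free(self):
        for i in range(FIRST_DATA_CLUSTER, len(self.fat)):
            if self.fat[i] == FREE:
                return i
        raise OSError("volume full")

    def write_file(self, name, payload):
        """The slide's procedure: add a directory entry, find a free cluster,
        write data, and chain to another free cluster while data remains."""
        size = self.cluster_size
        chunks = [payload[i:i + size] for i in range(0, len(payload), size)] or [b""]
        first = prev = None
        for chunk in chunks:
            cur = self._next_free()
            self.fat[cur] = EOF_MARK       # claim it; overwritten below if more follows
            self.data[cur] = chunk
            if prev is None:
                first = cur
            else:
                self.fat[prev] = cur       # link the previous cluster to this one
            prev = cur
        self.root[name] = first
        return first

    def chain(self, name):
        """Follow the FAT from the directory entry to the end marker,
        refusing loops and links to free clusters (a corrupt table)."""
        cur, out = self.root[name], []
        while cur != EOF_MARK:
            if cur in out or self.fat[cur] == FREE:
                raise ValueError("corrupt chain at cluster %#x" % cur)
            out.append(cur)
            cur = self.fat[cur]
        return out

    def read_file(self, name):
        return b"".join(self.data[c] for c in self.chain(name))

    def delete_file(self, name):
        """Free the chain. The bytes stay in the data area: this is why
        'deleted' files are recoverable and why rm has no recycle bin."""
        for c in self.chain(name):
            self.fat[c] = FREE
        del self.root[name]

    def is_corrupt(self, name):
        try:
            self.chain(name)
            return False
        except ValueError:
            return True


def demo():
    """Constructed scenario, not from the slides."""
    fs = TinyFAT(n_clusters=16, cluster_size=4)
    fs.write_file("a.txt", b"A" * 8)           # clusters 2, 3
    fs.write_file("b.txt", b"B" * 10)          # clusters 4, 5, 6
    fs.delete_file("a.txt")
    fs.write_file("c.txt", b"C" * 12)          # reuses 2, 3 then jumps to 7: fragmentation
    result = {
        "c_chain": fs.chain("c.txt"),
        "c_data": fs.read_file("c.txt"),
        "b_chain": fs.chain("b.txt"),
    }
    fs.delete_file("b.txt")
    result["b_bytes_survive_delete"] = fs.data[4]
    fs.fat[7] = 2                              # corrupt the table: c's last cluster points back
    result["loop_detected"] = fs.is_corrupt("c.txt")
    return result


if __name__ == "__main__":
    print(demo())
```

Two things to take from the run: c.txt is not stored contiguously because it filled the holes a.txt left behind, and after b.txt is deleted its first cluster still reads BBBB until something overwrites it.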
FAT: Pros and Cons
• Pros
– Pretty simple
– Compatible with almost anything
• Cons
– Wasted space (a file always takes up whole blocks, so the tail of its last block is unused)
– When disks get large, FAT gets slow
– No logging or security features (no journal, and no per-file permissions)
Marshmallow Layering Activity
TREES AND DIRECTORIES
• In file systems, we often don't want the entire drive's files to be in a single folder.
• We resolve this through creating folders in folders in folders
• This allows an organization to be imposed on files on the disk.
In Windows:
• There can be a few trees, each starting with a
drive that looks like “C:”
• Files are organized into groups and placed
inside of folders
• Folders can also hold other folders
In Unix:
• Everything starts from one root, which we write as /
• From there, you can build lots of little trees
underneath.
• Everything in Unix is a file… even the directories.
• Directories are special files that hold the names of
other files or other directories. In this way, the Unix
file system looks like a hierarchical tree.
A Peek at the Unix File System
VIEWING THE FILE TREE
• tree -L 2 ~
File Permissions in Unix
• We have different types of users in Unix.
• Think about a family: you have different levels
of privilege
– Parents can do whatever they want*
– Little kids can do very little
– Teens can do some stuff but not others…
File Permissions in Unix
• There are also groups of privilege!
• Each file thinks about a few types of users:
– Owner
– Group
– Others (the rest of you!)
• And of course… the root can do everything
– Aka “superuser” or “admin”
What privileges exist for file users?
• Reading
• Writing
• Executing
Read permission (r)
• If you have this permission, then you can read
the file’s contents
• If the file is a directory, then you can see the
names of its contents (but nothing else)
Write permission (w)
• If you can write, then you can change the file.
• If it’s a directory, then you can add, delete, and rename files within the directory (in practice you also need execute permission on the directory to do any of that, see below).
OVERARCHING PRINCIPLE: LEAST PRIVILEGE
• Grant something the absolute minimum permissions it needs to do its job
• What are these?
• A new file needs to be read by people, and written to by the owner
• Applications need to be able to run
• However, there are differences in the level of applications
• Do you want your word processor messing with other applications?
• Do you want your application updater to work?
LEAST PRIVILEGE IN REAL LIFE
• Cannot determine what your future users will want for files or applications → In the absence of precognition, how do you determine what permissions anything needs?
• Solution → classify applications, make general statements and allow the user to update them
Execute permission (x)
• If you have this permission, you can execute or
run a program
• If the file is a directory, then you can see the
contents and metadata of the files it contains…
but only if you know their name already
• R+x for a directory means you can see its
contents and all their details (date, size, etc)
Permissions Activity
WHAT IS AN OPERATING SYSTEM?
What are some common operating systems?
What is the job of an operating system?
WHAT ARE SOME COMMON OS’S?
https://www.netmarketshare.com/operating-system-market-share.aspx?qprid=10&qpcustomd=0
WHAT ARE THE JOBS OF AN OS?
A simple place for
programs to “stand on”
• Providing a platform for running programs:
• Allowing for the user to interact with the machine
• Interface between software and hardware
• Scheduling resources
and of course…
• Keeping things secure!
OS BASICS
MANAGES RESOURCES
MANAGES PROCESSES
[Figure: the OS sits between the CPU and the devices: input from keyboard, mouse and network; output to monitor and printer; disk. “Everything is a file...”]
ABSTRACTION IN OS
• Reduce complex things to simple things
• Hide complexity, and prevent misuse through lack of understanding
• Remove implementation details
• Hide hardware type from application developer
• Prevent other components from seeing each other
• Hide applications from each other, allowing programs to run without regard to what else is running
WHAT IS A PROCESS?
• Container for an application
• What?
• It acts as a barrier to the rest of the machine, translating requests, changing I/O tasks, and generally allowing the program to believe that it has the computer all to itself, with this nice friendly guy called “OS” who will grant it reasonable requests.
• This also allows security, preventing important system details from being modified, because anything the program wants to do has to go through it.
Introducing:
The Black Box
LAYERING
• Create “Layers” of code, each one working on top of the
previous layer
• OS is composed of the layers from just above the “hard”
coded systems in the hardware to the layer right before
the top (and some portions of the top as well), provides
unified “front end” to programs, allowing them to ignore
implementation specific details and provide the user with
what they want
KERNEL VS USER MODE
• One of the big layers that exists in every modern operating system is the layer between what is known as “kernel space” and “user space”
• The core of the operating system exists in kernel mode and it can do literally anything on the system. Needless to say, the obvious security issues and the fact that this generally has to deal with the actual hardware mean that the only programs that run in this area are the operating system itself and “device drivers”, pieces of code (usually required to be signed) that provide an interface from the hardware to the OS
• User applications, the GUI, and some other components of the OS run in “user” mode. These programs obey the black box process abstraction, and generally have to obey the “laws” of the system.
LAYERING
• Some things pierce this to some extent; for instance, graphics code can require a certain “tier” of hardware or run faster on a specific card family
• Also, if you intentionally try to find out what hardware is being used, the OS generally doesn’t try to hide things like how fast your disk reads are or how quickly you execute instructions (and most of the time you can just ask it)
VIEWING HARDWARE ACTIVITY
• sudo lshw -short
Viewing Processes Activity
TOP
ALSO KNOWN AS
PROCESS MURDER ACTIVITY
Scheduling
• I have a job that takes 1 minute.
• You have a job that takes 1 minute.
• She has a job that takes one minute.
• How can we all get our jobs done?
Scheduling
• Idea 1: let’s all use our own machines!
– Does this approach scale?
• Idea 2: Let’s all share the machine in some fair
way!
– This requires scheduling!
Mental Experiment
• Let’s think of a scheduling algorithm
• Things to consider
– Are some jobs more important than others?
– Are you being “fair” to all jobs?
– How quickly can jobs expect to finish with your
system?
– How fast is it to determine which job to do next?
Will you get anything done if it takes you 4 hours
to decide?
Volunteers, please!
• Using our algorithms, let’s get these songs
sung!
Some Scheduling Algorithms
• First In, First Out (aka FIFO)
– Pros? Cons?
• Round robin with time units
– Pros? Cons?
• Priority-based methods (weighted lotteries…)
– Pros? Cons?
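The three algorithms above, as an added example in Python that is not part of the original slides: FIFO, round robin with a time quantum, and a non-preemptive priority scheduler (with priority = burst time it becomes shortest-job-first). The workload is constructed: one long job that arrived first and two short ones behind it, which is where FIFO looks worst and where the starvation risk of priority scheduling begins. Jobs are (name, arrival time, burst time); results map a name to (finish time, waiting time).

```python
from collections import deque


def fifo(jobs):
    """First In, First Out: run jobs to completion in arrival order."""
    t, out = 0, {}
    for name, arrival, burst in sorted(jobs, key=lambda j: (j[1], j[0])):
        t = max(t, arrival) + burst            # wait for arrival if the CPU is idle
        out[name] = (t, t - arrival - burst)
    return out


def round_robin(jobs, quantum):
    """Round robin: each job gets at most `quantum` time units, then goes to
    the back of the queue. Newly arrived jobs enter before a preempted one."""
    arrivals = sorted(jobs, key=lambda j: (j[1], j[0]))
    remaining = {n: b for n, _, b in jobs}
    queue, finish, t, i = deque(), {}, 0, 0
    while len(finish) < len(jobs):
        while i < len(arrivals) and arrivals[i][1] <= t:
            queue.append(arrivals[i][0])
            i += 1
        if not queue:                           # idle until the next arrival
            t = arrivals[i][1]
            continue
        name = queue.popleft()
        run = min(quantum, remaining[name])
        t += run
        remaining[name] -= run
        while i < len(arrivals) and arrivals[i][1] <= t:
            queue.append(arrivals[i][0])
            i += 1
        if remaining[name] == 0:
            finish[name] = t
        else:
            queue.append(name)
    return {n: (finish[n], finish[n] - a - b) for n, a, b in jobs}


def priority(jobs, key):
    """Non-preemptive priority: whenever the CPU is free, run the arrived job
    with the lowest key. key=burst time is shortest-job-first. A job whose key
    is never the lowest can wait forever (starvation), the classic con."""
    pending, t, out = list(jobs), 0, {}
    while pending:
        ready = [j for j in pending if j[1] <= t]
        if not ready:
            t = min(j[1] for j in pending)
            continue
        job = min(ready, key=lambda j: (key(j), j[1], j[0]))
        pending.remove(job)
        t += job[2]
        out[job[0]] = (t, t - job[1] - job[2])
    return out


def average_wait(result):
    return sum(w for _, w in result.values()) / len(result)


def demo():
    """Constructed workload: one long job ahead of two short ones, all at time 0."""
    jobs = [("A", 0, 8), ("B", 0, 2), ("C", 0, 1)]
    return {
        "fifo": average_wait(fifo(jobs)),                 # the short jobs sit behind A
        "round_robin": average_wait(round_robin(jobs, quantum=2)),
        "shortest_first": average_wait(priority(jobs, key=lambda j: j[2])),
    }


if __name__ == "__main__":
    print(demo())
```

Average waiting time for the constructed workload comes out at 6 for FIFO, 3 for round robin and 4/3 for shortest-job-first; the price of the last one is that a long job keeps losing to every short job that arrives, which is the "fairness" question from the mental experiment.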
Security in Operating Systems
• What is security?
– In a nutshell: “making sure that only the authorized people or processes can access and change your stuff”
– CIA:
• Confidentiality
• Integrity
• Availability (authentication, which the next slides rely on, is a mechanism for protecting these properties rather than one of the three)
Who might the “bad guys” be?
• Threat modeling:
– A sneaky friend or sibling who wants to read your
diary files
– A computer program that “wants” to crash your
machine (or even something that might not want
to, but is just not programmed very well)
– A botnet worm that wants to make your computer
work for some outside organization…
How can we counter each of these threats?
• The sneaky friend: lock them out with a
password
– Authentication!
• The program trying to crash your PC: keep it
limited to a specific set of resources
– Sandboxing!
• The virus or malware: don’t let it run!
– Antivirus solutions!
BROAD CLASSIFICATIONS
• Broad classifications determine what permissions a general class of applications should have
• Applications should be able to run and to work with the user’s personal data
• User files should be viewable and writable by whoever owns them
• Allow the user to override the settings, but force them to recognize this fact
• E.g. sudo on Unix, UAC on Windows.
Logging: The Big Idea
• Instead of writing all the changes when they
happen, let’s keep a diary!
– This change to this file at this time, etc…
• Then, when it gets “big enough”, we’ll write all
the changes into the file system!
What’s the big deal about logging?
• You can avoid writing so many times…
efficiency!
• You can see what changes were made when…
security!
• If it crashes, you can roll back to a previous
state in the journal before all the changes were
committed
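The diary idea above, as an added example in Python that is not part of the original slides: a toy journaled store where every write goes to the journal first, the disk is updated only from transactions that have a commit record, and recovery after a crash is a replay of the journal that drops any half-finished transaction as a unit. The same journal doubles as the audit trail. Transaction ids, file names and contents are constructed for the example; the journal is never pruned here, which a real file system would do after a checkpoint.

```python
class JournaledStore:
    """Toy journaling file system. Every change is first appended to the
    journal (the diary); the disk is only updated from committed records."""

    def __init__(self):
        self.journal = []   # durable, append-only: ("write", tx, name, data) / ("commit", tx)
        self.disk = {}      # durable file contents, updated at checkpoint/recovery
        self.cache = {}     # what programs see right now; lost on a crash
        self.next_tx = 1

    def begin(self):
        tx, self.next_tx = self.next_tx, self.next_tx + 1
        return tx

    def write(self, tx, name, data):
        self.journal.append(("write", tx, name, data))   # recorded, NOT yet on disk
        self.cache[name] = data

    def commit(self, tx):
        self.journal.append(("commit", tx))   # the change is now promised, not yet on disk

    def read(self, name):
        return self.cache.get(name)

    def committed(self):
        return {rec[1] for rec in self.journal if rec[0] == "commit"}

    def checkpoint(self):
        """Apply every committed write to the disk, in journal order. Writes of
        a transaction with no commit record are skipped: they may describe a
        half-finished change, which is exactly what must not reach the disk."""
        done = self.committed()
        for rec in self.journal:
            if rec[0] == "write" and rec[1] in done:
                self.disk[rec[2]] = rec[3]

    def crash(self):
        self.cache = {}        # memory is gone; journal and disk survive

    def recover(self):
        self.checkpoint()      # recovery is a checkpoint driven by the surviving journal
        self.cache = dict(self.disk)
        return dict(self.disk)

    def history(self, name):
        """The audit trail: which transaction changed what, and whether it committed."""
        done = self.committed()
        return [(rec[1], rec[3], rec[1] in done)
                for rec in self.journal if rec[0] == "write" and rec[2] == name]


def demo():
    """Constructed sequence, not from the slides: one committed change, then a
    crash in the middle of a second transaction."""
    fs = JournaledStore()
    tx1 = fs.begin()
    fs.write(tx1, "notes.txt", "v1")
    fs.commit(tx1)
    tx2 = fs.begin()
    fs.write(tx2, "notes.txt", "v2")
    fs.write(tx2, "todo.txt", "buy milk")
    before = fs.read("notes.txt")        # the program already sees its change
    fs.crash()                           # ... but tx2 never committed
    fs.recover()
    return {
        "before_crash": before,
        "after_recovery": fs.read("notes.txt"),       # tx2 rolled back as a unit
        "todo_after_recovery": fs.read("todo.txt"),   # the half-done tx2 never hit disk
        "audit": fs.history("notes.txt"),
    }


if __name__ == "__main__":
    print(demo())
```

The security angle is the audit list: even though v2 never made it to disk, the journal still shows that transaction 2 tried to change notes.txt, which is the “what changes were made when” that the slide promises.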
Observing Logs Activity
ACKNOWLEDGEMENTS
• "Computer system bus" by W Nowicki - Own work, based on a diagram which seems to in turn be based on page 36 of The Essentials of Computer Organization and Architecture by Linda Null, Julia Lobur, http://books.google.com/books?id=f83XxoBC_8MC&pg=PA36. Licensed under CC BY-SA 3.0 via Wikimedia Commons, https://commons.wikimedia.org/wiki/File:Computer_system_bus.svg#/media/File:Computer_system_bus.svg