CSE 409 Fall 2011 Homework 1

Due at the beginning of class on 9/26.
  1. Are POSIX draft ACLs monotonic?
    1. (5 points) Can adding an ACL entry to a file ever revoke a process' ability to access that file?
    2. (5 points) Can adding a group to a process' groups ever revoke that process' ability to access a file?
    SUSE provides a very clear explanation of POSIX ACLs on Linux. See, in particular, the section titled "Access Check Algorithm". In answering each question, you should provide either a counter-example to monotonicity or a "proof" that the system is monotonic. By "proof", I mean an airtight argument, but it does not have to be expressed in mathematical notation.
  2. Both Windows and Linux support extra permissions for specific system actions, such as shutting down the system, killing other people's processes, configuring the network, etc. In Linux, these are called "capabilities", and you can learn more about them from the Linux capabilities man page. In Windows, they are called "privileges", and are described in MSDN Privilege Constants. The goal of creating these privileges/capabilities is to break apart the sysadmin functions into many smaller, less powerful functions, so that programs can be given less power than "full administrator". Unfortunately, that's not always easy. In fact, in both Windows and Linux, some capabilities/privileges can be used to easily gain all capabilities/privileges on the system.
    1. (5 points) Give an example of a Linux capability that can be used to gain full administrator privileges, and explain how to do it.
    2. (5 points) Ditto for Windows privileges.
  3. Recall that Biba is the "integrity" version of Bell-LaPadula, i.e., security levels correspond to the integrity level of data, such as "FirstHand", "SecondHand", and "Internet".
    1. (5 points) Bell-LaPadula had compartments, such as "JFK", "Aliens", etc. What do compartments mean in Biba?
    2. (5 points) What are the access control rules for reading and writing in a Biba system with "compartments"?
    3. (5 points) Information gained from multiple sources should have a higher level of confidence. So, for example, SecondHand information collected from two sources can be upgraded to FirstHand. Encode this idea into Biba by adding a single simple rule.