Chapter 7

Question 0

What does the unix security focuses on?

Answer 0

Focus on:

• protecting users from each other.
• protecting against attacks from the network.

Question 1

Who manages security in unix ?

Answer 1

Security managed by skilled administrator, not by user.

Example: command line tools and scripting.

Question 2

What does the secure versions of unix indicate?

Answer 2

Support of multi-level security.

Question 3

What is principles called?

Answer 3

User identifiers (UID) and group identifiers (GID).

Question 4

What is UID/GID ?

Answer 4

A UID/GID is a 16-bit numbers. UID values differ from system to system. Root UID is always zero.
(Example, 0:root 1:bin 2:daemon…)

Question 5

Where is information about principals stored?

Answer 5

User accounts and home directories.

Question 6

Where is user accounts stored?

Answer 6

/etc/psswd file

Question 7

What is the format of user account?

Answer 7

Username:password:UID:GID:name:homedir:shell

Question 8

What are the user account details?

Answer 8

Username: up to eight characters long
Password: stored “encrypted”
User ID: user identifier for access control
Group ID: user’s primary group
ID string: user’s full name
Home directory
Login shell: program started after successful log in

Question 9

Define superuser.

Answer 9

The superuser is a special privileged principal with UID 0 and usually the user name root.

Question 10

What are the restrictions on the superuser?

Answer 10

1) all security checks are turned off for superuser.
2) the superuser can become any other user.
3) the superuser can change the system clock.
4) superuser cannot write to a read-only file system but can remount it as writable.
5) superuser cannot decrypt passwords but can reset them.

Question 11

Where does every user belong to?

Answer 11

Primary group.

Question 12

Where is the GID of the primary group is stored in?

Answer 12

/etc/passwd

Question 13

Where is the list of all groups stored? And what is the format of the entries stored?

Answer 13

/etc/group

Format: groupName:password:GID:listOfUsers

Question 14

What is collecting users in groups mainly convenient for?

Answer 14

Access control decisions.

Question 15

What is subjects in unix? How can they be generated?

Answer 15

The subjects in unix are processes; a process has a process ID (PID). Processes have a real UID/GID and an effective UID/GID. New processes are generated with exec or fork.

Question 16

Define real UID/GID and effective UID/GID.

Answer 16

Real UID/GID: inherited from the parent; typically UID/GID of the user logged in.

Effective UID/GID: inherited from the parent process or from the file being executed.

Question 17

Where is passwords stored? How are they encrypted?

Answer 17

Passwords stored in /etc/passwd “encrypted” with the algorithm crypt(3).

Question 18

How does crypt(3) function?

Answer 18

Cryot(3) is a one-way function:

Slightly modified DES algorithm repeated 25 times with all-zero block as start value and the password as key.

Question 19

What is salting?

Answer 19

Password encrypted together with a 12-bit random “salt” that is stored in the clear.

Question 20

How do you disable a user account ?

Answer 20

To disable a user account, let the password field starts with an asterisk; applying the one-way function to a password can never result in an asterisk.

Question 21

What is shadow password files?

Answer 21

Passwords are not stored in /etc/passwd but in a shadow file that can only be accessed by root. This file can also be used for password aging and automatic account locking.

Question 22

What are the file entries of a shadow password file?

Answer 22

Username
User password
Days since password was changed
Days left before user may change password
Days left before user is forced to change password
Day to "change password" warning
Days left before password is disabled
Days since the account has been disabled
Reserved

Question 23

How are resources organized?

Answer 23

In a tree-structured file system.

Question 24

What does a file entry in a directory point to?

Answer 24

Inode.

Question 25

What are the fields in an inode?

Answer 25

Mode: type of file and access rights
UID: username of the owner
GID: owner group
Atime: access time
Mtime: modification time
Itime: inode alteration time
Block count: size of file
Physical location

Question 26

What fields does the directory listing include?

Answer 26

File type: first character
- file, d directory, b block device file, c character device file, s socket
File permission: next nine characters
Link counter: the number of links (directory entries pointing to the file)
Username: of the owner; usually the user that has created the file.
Group: depending on the version of unix, a newly created file belongs to its creator’s group or to its directory’s group.
File size: modification time, file name.
Time and date (mtime)
Name of the file.

Question 27

How is file permission is presented?

Answer 27

The file permission (permission bits) are grouped in three triples that define read(r), write(w), execute(x) access for owner, groups, and other respectively. A ‘-‘ indicates that a right is not granted.