Security

Question 1

what is the main concern for the OS in terms of security

Answer 1

separate users and processes in memory and the filestore

Question 2

how do we block users from changing the OS

Answer 2

privilege levels

Question 3

how is a users account protected

Answer 3

a hash is used to encrypt

the password file is salted

Question 4

what is salting

Answer 4

add an extra substring

Question 5

what do firewalls protect

Answer 5

LAN

Question 6

how are files protected

Answer 6

access control and permissions as part of the filing system

Question 7

how are processes protected

Answer 7

privilege

Question 8

what does setUID do

Answer 8

allow untrusted users to run trusted code

Question 9

what is a buffer overflow attack

Answer 9

overfill the buffer to get a pointer to an unauthorised location.

Question 10

what is a denial of service attack

Answer 10

overload the server until it breaks

Question 11

what processor privilege levels are there

Answer 11

user and supervisor

supervisor can do anything, whereas user is restricted

Question 12

where are privileges set

Answer 12

page tables, MMU

Question 13

when does a user switch to supervisor

Answer 13

reset

system calls

interrupts

memory faults

emulator trap

Question 14

how would you overcome a buffer overflow attack

Answer 14

don’t assume inputs are always legal

use a canary- a random value checked by the compiler

make target stack space non executable

address randomisation

Question 15

describe hardware vs software privilege

Answer 15

users can be user or superuser. this determines who can run a program

when it comes to serving system calls, this is a hardware privilege. no matter whether the user is superuser or not, to service a system call the hardware privilege must be changed.