...Explain how the UNIX permission system implements access control. Describe an extension of this system that permits finer control. Access Control in Unix UNIX has an implementation of access control lists for providing the features of security to its users. Every user has a right to log into the system with his/her credentials (username and password) and initiate a process which can further make system requests. Every process is assigned a unique identifying number called the process “uid”. This number can be obtained from the /etc/password file. A sample record from this file looks like below: “uid” essentially is the user id of the user who started the process. Every process may also carry an “effective uid”, which may or may not be different from its uid. Access control lists are also categorized with the use of group ids or group names. Every process has a list of groups, it is associated with. This is the basic level of authentication implemented in Unix. Since Unix understands everything as a file, it is important to see how security is ensured for files in Unix. There are 12 mode bits which are used to encode the privileges related to protection. Out of these 12 bits, first 9 bits are divided into 3 groups. Each group contains 3 bits describing the permissions related to user (u), group (g) and others (o). If a bit is set to “ON”, the corresponding privilege is enabled (r – read, w – write, x – execute). Extension of Unix security system A finer security...
Words: 440 - Pages: 2
...UNIX for DBA`s Author: Sandeep Akkasani 1. INTODUCTION TO UNIX 1.1 Single-User Systems The personal computer (PC) is a small General-purpose system that can execute programs to perform a wide variety of tasks. The PC, however, was designed for use by one person at a time, that is, it is Single-User oriented with MS-DOS as the de facto standard operating system for this range of machines. Single user systems became very popular due to the low cost hardware and wide range of software available for these machines. 1.2 Multi-User Systems As opposed to single-user systems there are also larger systems, which more than one person can use at any time. Such systems are referred to as multi-user systems. Multi-user systems would be required when a number of applications have to be run simultaneously, or common resources, like printers and disks, are to be shared by a number of users. 1.3 Hardware – Multi-User Systems While the hardware components of a multi-user system are similar to that of a singleuser system, the following differences should be noted. The CPU of a multi-user system is more powerful and has capabilities to support multi-programming and multi-tasking, two features essential for multi-user systems. The Hard disk of a multi-user system is bigger in capacity. Most multi-user systems use magnetic tape as external storage for backup of software. Single-user systems use floppies as the backup device. This is because multi-user ...
Words: 8312 - Pages: 34
...to start when trying to understand the basics of any computer hardware system would the operating system. Operating systems are a program which manages the computer’s hardware. These systems provide a basis for application programs and intermediate between the computer’s user and its hardware. There are many different types of Operating serves that are available to use. There are four main Operating systems that are used in today’s Technological world: UNIX, Linux, Mac, and Windows. Each one of these systems has its own unique aspects to offer users, while still sharing the same basics that an operating system needs. Memory Management UNIX/Linux In comparison to other operating systems, UNIX is quite different when it comes to managing its memory. It uses extremely sophisticated memory management algorithms to make the best use of memory resources. Though UNIX and Linux are extremely similar when it comes to how things work internally, there are slight differences that make UNIX distinct. One process that UNIX uses is Swapping; this is done by moving chunks of the Virtual Memory, known as pages, out of the main memory and moving others in. In order for this process to work at its best, those pages that are needed must be accessible in the Main Memory at the demand of the CPU. When a page is expected to be needed in the very near future it is called a resident set. This can lead to errors due to memory allocation issues. If the CPU attempts to access a page that...
Words: 4984 - Pages: 20
...Linux was developed as a variant of the UNIX architecture in 1991 (Stallings, 2012). As more developments were made to the Linux program, it eventually evolved into a “full-featured UNIX system” that has remained free and available to all (Stallings, 2012). GNU is described as a free software set of packages and tolls for designed for developing a UNIX-like operating system that is often used with the Linux kernel. The Free Software Foundation’s GNU project, or GNU Not Linux, provides the necessary tools to developers and has approved the GNU Public License, or GPL (Stallings, 2012). According to Free Software Foundation, or FSF (2007), the GNU Public License discusses the freedom for designers to share and change all versions of the program. Linux is free software, as in free for anyone to use, modify, or copy without restraint. The GNU Public License, or GPL, provides a list of basic permissions, rights, and conveying verbatim copies (FSF, 2007). The main idea of publishing the GPL licensing terms is that no one who uses Linux and/or creates any Linux-derived copy can make the copy proprietary (Stallings, 2012). Under the GPL, basic permissions are granted to all who use, copy, or modify a GNU program. The basic permissions essentially grant unlimited permission to run an unmodified version of a program (FSF, 2007). According to the FSF (2007), permissions are also granted to convey a derivative of an unmodified program; however, the conditions listed below must be met:...
Words: 540 - Pages: 3
...company has 5000 employees who have access to the computer system and there is a need to restrict 10 users from accessing a specific file, there is a need to establish protocols to prevent access. How this is done differs in each operating system. In Unix there are ways to set parameters for the 4990 users to access a single file. These are set within the types of files. They are called regular, directory, special, named pipes, links and symbolic links. Unix operating systems operate these files and routes them into a uniformed system that operates in the background supporting files and giving disk space as needed for files. This is done by using inode (Index node) which controls information the system needed for a specific file. Multiple files can be connected to one inode, but if active the inode will only be associated with one file and a file will be controlled by one inode. A file’s attributes, permissions, and control information are stored within the inode. In the FreeBSD inode for example has a structure that includes the type and access mode, file owner and group-access identifiers, block points and physical blocks of the file. These are used in file allocation, directories and volume structure. This scheme is part of the Unix file access control The file access control is how a user is allowed to have access to a specific file. In this instance 4990 out of 5000 are to have...
Words: 654 - Pages: 3
...UNIX, Linux, Mac, and Windows OS Comparison Paper B. James Bryant UNIX, Linux, Mac, and Windows OS Comparison In 1956, General Motors produced the first OS for its IBM 704 series mainframe. Since then companies around the world, both big and small, have been tirelessly researched, testing, and releasing newer and faster operating systems for the world to use. Among these are systems developed by/for UNIX, Linux, Microsoft, and Apple. In fact, it’s safe to say that these four companies have a monopoly on all current technology used in both the military, corporate, and private sectors all around the world. UNIX Operating System Unix operating systems have the ability to be multi-user, multi-tasking and portable. Multi-user capabilities are accomplished through time sharing which means the processor allocates slices of time to first one process and then the next, sharing the available time in sequence with waiting processes (Nagpal, 2009). Unix can run in either command line interface, CLI, or graphic user interface or GUI mode. A key and unique feature of Unix is that it has a modular design which allows parts of the system to be added or removed without affecting performance of the other parts making Unix systems highly customizable. Unix operating systems have four core components, (1) the kernel, (2) the shell, (3) the file system, and (4) the utilities or tools and applications (Love et al, 2005). The kernel is the lowest layer of the operating system that...
Words: 5010 - Pages: 21
...ABSTRACT Unix is a multifunctional platform capable of handling several users accessing the same applications and files at once. It accomplishes this by setting up a permissions hierarchy and assigning users into groups. As multifunctional as it is, several problems still exist. For one, it has a command line interface. There is no graphical user interface. Second, privilege changes are made either one by one or all at once. Anything else would need to be scripted. Programmers originally built the Unix operating system for other programmers to use. It is an extensible operating system, meaning it allows programmers to extend and change it to do anything they need it to. Essentially, it is built to multitask. It allows multiple users to use the same app or multiple users access to the same file. Although the computer cannot process all the requests at once, it does prioritize the requests to keep things orderly. If multiple people need access to one file, this is commonly done by placing the users into groups, and assigning the groups and users various levels of permission access. There is a hierarchy where groups are on top and access control lists are underneath. The...
Words: 687 - Pages: 3
...Running head: Case Project Case Project Student College Case Project Linux as an operating system is a powerful tool used in businesses for its secure kernel and command line interface. From a small business to a large enterprise, Linux is used to run servers, store vital information and documents. In Outdoor Adventures, this store needs a more efficient computing system. The system will need to keep information available and secure enough to ensure that the information can only be seen by the right people. To help keep things organized, a file structure will also be required to keep all the files with special permissions together for easy access. To better illustrate the security capabilities of Linux Ed Sawicki of Biznix.org said, “The Linux firewall has functionality that rivals expensive commercial firewalls. Its rules allow fine grained control over stateless and stateful packet filtering. The Linux firewall is extensible, allowing new filtering capabilities as the need arises.” This comparison is powerful when considering what would be the most cost effective direction for a business, but also the safest. Another advantage of linux is that it is generally free to try before applying it to a commercial setting. The product can in effect speak for its self by allowing itself to be made publicly available so there is no need to consider it a “business risk” when a technician can experiment with it first before applying it on a much grander scale. “Linux…is...
Words: 1333 - Pages: 6
...What is the function of a redirector? To determine whether a request is meant for the client CPU or the server What are the three tiers in a 3-tier architecture? Client, middleware, server If Alex’s user account belongs to the Teachers group on a Windows Server 2008 network, and the Teachers group has read and execute permissions for the Lessons folder, what can Alex do with documents in the Lessons folder? Open an existing document. Suppose you own a computer that contains a 1 GHz processor, 512 MB of RAM, and an 8 GB hard drive. If you wanted to install Windows Server 2008 on this computer, what is the minimum hardware upgrade you must perform, if any? Increase the hard drive space to 10 GB. You have created a printer object for a new HP LaserJet in your Windows Server 2008 Active Directory. Before users can print to this printer, what else must you create in Active Directory? a. A printer share What is the purpose of a container in an LDAP-compatible NOS directory? To organize similar objects for easier management What is the relationship between threads and multiprocessing? Processes are made of threads; threads within a process can be handled by different processors to improve server performance. When a server’s RAM is fully utilized, where can the NOS store unused information blocks? In a page file on its hard drive What primary advantage does Windows Server 2008 gain by assigning each operation its own 32- or 64-bit memory area? a. Multiple applications...
Words: 636 - Pages: 3
...Linux Security Technologies There are many ways to have internet access these days. Coffee shops, libraries, airports and even public buses have free wireless access. With all these free accesses to the World Wide Web, there is also many potential ways for hackers to potentially get your personal information and use it for their gain. There are many ways to combat this situation by using several security measures with Linux programming, which the majority of the software is free. Some of those security technologies are SELinux, TCP Wrappers, IPtables and Chroot Jail to name a few. SELinux is a security enhancement to Linux which allows users and administrators more control over access control. Access can be constrained on such variables as which users and applications can access which resources. Was developed by the NSA in December of 2000. These resources may take the form of files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and the applications which the user runs. Conversely, SELinux access controls are determined by a policy loaded on the system which may not be changed by careless users or misbehaving applications. SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such...
Words: 1350 - Pages: 6
...that exist for Debian, SuSe, and Gentoo although at this time these were unsupported by anyone. SElinux is based on the concept of Mandatory Access Control. Under MAC, administrators control every interaction on the software of the system. A least privilege concept is used, by default applications and users have no rights, because all rights have to be granted by an administrator because of the system’s security policy. Under DAC, the files are owned by the user also that user has full control over them. If an attacker penetrates that user’s account they can do whatever with the files owned by that user. Standard UNIX permissions are still present on the system, and will be consulted before the SElinux policy during access attempts. If the standard permissions deny access the access is denied so therefore SElinux is not involved. When the standard file permissions do allow access, the SElinux policy will be consulted and access is either gained or denied based on the security contexts of the source process and the targeted object. During the...
Words: 940 - Pages: 4
...ngA Basic UNIX Overview Asriel UNIX FOR DOS ADDICTED WaReZ PuPPieZ AND THEIR PETS Introduction ------------ One of the most common operating systems in existance is Unix. Unix exists in many different flavors, from Berkeley BSD to AT&T System V to SunOs. Basic working knowledge of Unix is almost essential to a hacker, as it is the system a hacker is most likely to come across. If you intend to use the internet at all, or to do any serious exploration of Telenet, the ability to navigate through Unix is a necessity. (Unix is also the single most interesting system in existance: it's just fun to fuck with). Unix Logins ----------- Most Unix logins look essentially the same. A general Unix login prompt looks something like this: connected to five.finger.com login: That first line is the system identifier. Although it's not at all essential to what you are doing, it's good to know what system you are attempting to log on to. The second line is what typically identifies the system you are on as Unix. Almost all Unix systems greet a user with the same prompt: login:. Well, there's not much to do in Unix from the outside, and Unix systems are typically fairly secure at this point. You may be able to obtain a list of users, or current users, by logging in as 'who', but other than that there are few functions available here. Unless you are on the internet, or have accounts specifically...
Words: 3455 - Pages: 14
...of Windows NT and UNIX† Hans Hedbom1,2, Stefan Lindskog1,2, Stefan Axelsson1 and Erland Jonsson1 1Dept of Computer Engineering 2Dept of Computer Science Chalmers University of Technology S-412 96 Göteborg, SWEDEN {sax, Erland.Jonsson}@ce.chalmers.se University of Karlstad S-651 88 Karlstad, SWEDEN {Hans.Hedbom, Stefan.Lindskog}@hks.se Abstract This paper presents a brief comparison of two operating systems, Windows NT and UNIX. The comparison covers two different aspects. First, we compare the main security features of the two operating systems and then we make a comparison of a selection of vulnerabilities most of which we know have been used for making real intrusions. We found that Windows NT has slightly more rigorous security features than “standard” UNIX but the two systems display similar vulnerabilities. The conclusion is that there are no significant differences in the “real” level of security between these systems. †Presented at the Third Nordic Workshop on Secure IT Systems, NORDSEC’ 5-6 November, 1998, Trondheim, Norway. 98, 1. Introduction It has been claimed that the security of Windows NT is far better than that of previous commercial operating systems. In order to verify (or refute) this statement we have made a brief comparison of the security of Windows NT to that of UNIX. UNIX was selected as a reference since it is well-known and widely spread. Thus, the target systems were (1) a networked Windows NT 4.0 and (2) UNIX with NFS (Network...
Words: 6676 - Pages: 27
...CSCI 1483 Intro to UNIX/Linux Ch 1-5 Slide Objectives for Midterm exam prep Ch 1 Objectives * Define OSs, including PC and server OSs * Describe the UNIX and Linux operating systems * Explain the purpose of UNIX/Linux shells * Discuss how to select user names and passwords * Connect to UNIX/Linux using Telnet or SSH * Use basic *nix commands & editing features * Explain the role of a system administrator * Change your password for security * Use multiple commands to view the contents of files * Redirect output to a file Ch 2 Objectives * Discuss UNIX/Linux FSs and list several examples * State the standard tree structure * Define partition and list 3 recommended ones for *nix * What are inodes, and what is stored in them? * Describe contents of: /boot, /bin, /dev, /home, /lib, /mnt, /media, /proc, /root, /sbin, /tmp, /usr, and /var * State purpose of the mount and umount commands * State the path (pathnames) to any file, and prompts * List commands to do the following: * Navigate the FS, create and remove directories, copy and delete files, configure file permissions Ch 3 Objectives * Compare ASCII, binary, and executable files * Understand the types of editors * Tell how to enter the 3 modes of the vi editor * Be able to create and edit files using the vi editor * Be able to create and edit files using the Emacs editor * Nothing to submit for these last 2 objectives ...
Words: 397 - Pages: 2
...LINUX PROGRAMMING FINAL NOTES UNIT 1ST THESE NOTES ARE AS PER SYLLABUS & WILL HELP YOU TO ACHIEVE SUCCESS IN FINAL EXAM OF MCA 5TH SEMESTER. LETS START: UNIT 1ST Linux – The Operating System: Linux is one of popular version of UNIX operating System. It is open source as its source code is freely available. It is free to use. Linux was designed considering UNIX compatibility. It's functionality list is quite similar to that of UNIX. Linux is a free distributed implementation of a Unix-like Kernel Developed by Linus Torvalds at the University of Helsinki with the help of programmers across the Internet. Linux history: * Linux features: Following are some of the important features of Linux Operating System. * Portable - Portability means softwares can works on different types of hardwares in same way.Linux kernel and application programs supports their installation on any kind of hardware platform. * Open Source - Linux source code is freely available and it is community based development project. Multiple teams works in collaboration to enhance the capability of Linux operating system and it is continuously evolving. * Multi-User - Linux is a multiuser system means multiple users can access system resources like memory/ ram/ application programs at same time. * Multiprogramming - Linux is a multiprogramming system means multiple applications can run...
Words: 6867 - Pages: 28
