SlideShare une entreprise Scribd logo

Access Control

Télécharger en tant que PPTX, PDF
David Evans
David Evans

Plans for the rest of the course How the Apple fan really works Introduction to Security How (and Why) to Limit the Files a Web Server Serves

TechnologieFormation
1  sur  46
Plan for Today • Plan for Rest of Semester • Starting Security 17 October 2013 University of Virginia cs4414 1
Plan for Remainder of Course 28 October: 29 October: 31 October: 4 Nov: 5-7 Nov: 11 Nov: 12-14 Nov: 18 Nov: 19-22 Nov: 26 Nov: 28 Nov: 3 Dec: 5 Dec: 17 October 2013 Due: PS3: Zhtta Web Server Security Guest: Karsten Nohl Due: Project Proposals Lower-Level OS (Processes, Virtual Memory) Due: Norvig Numbers Contribution Expected Storage Due: Project Design Reviews Virtual Machines, Micro/Exo-Kernels Guest: Tom Pinckney Thanksgiving Break Wrap-Up Due: Project Demos University of Virginia cs4414 2
Karsten Nohl, Oct 31 17 October 2013 Tom Pinckney, Nov 26 University of Virginia cs4414 3
4 Nov: Due: Project Proposals 18 Nov: Due: Project Design Reviews 5 Dec: Due: Project Demos Project Do something that is fun (for you to do, and others to see) relevant (to the class) technically interesting (to you and me) useful (at least to you, hopefully to many) You probably can’t maximize all of these! It is okay to sacrifice one or two of them to increase others. A good project should be strong on at least 2 of these, which is much better than being mediocre of all four. 17 October 2013 University of Virginia cs4414 4
Project Teams Anyone you want Size: 1-65+ people (recommended: 2-5) Okay to include people not in class “Impressiveness” should scale as sqrt(N) (N = # of teammates in class) Choose your teammates carefully and manage it well. 17 October 2013 University of Virginia cs4414 5
Project Grading A Do something you are proud of * (and that I think its reasonable for you to be proud of) A- Do something you find satisfactory * (and that I think it is okay for you to find satisfactory) B+ Do something you find not embarrassing * (and that I think is okay for you to not find embarrassing) <=B Do something embarrassing 17 October 2013 University of Virginia cs4414 6
“A+” Projects A+ Do something I am impressed by I will help you get into grad school, find a high-paying interesting job, and/or give you a low-paying interesting job. A++ Do something I am super impressed by I will get Tom Pinckney to help you find a high-paying super-interesting job. A+++ Do something I am way super impressed by I will get Sebastian Thrun to help you find a highpaying super-interesting job. 17 October 2013 University of Virginia cs4414 7
Ideas for Projects • • • • Some interesting systems-level program Some contribution to Rust Some contribution to computing Doesn’t have to be a program… Growing list of suggestions will be posted on course site…but don’t limit yourself to these. 17 October 2013 University of Virginia cs4414 8
usefulness interestingness Examples Do something that is fun (for you to do, and others to see) relevant (to the class) technically interesting (to you and me) useful (at least to you, hopefully to many) “funness” 17 October 2013 “relevantness” University of Virginia cs4414 9
Example: cs3102 PS7 http://www.youtube.com/watch?v=GSIodz9GWxc Assignment 17 October 2013 University of Virginia cs4414 10
Remaining Content 28 October: 29 October: 31 October: 4 Nov: 5-7 Nov: 11 Nov: 12-14 Nov: 18 Nov: 19-22 Nov: 26 Nov: 28 Nov: 3 Dec: 5 Dec: 17 October 2013 Due: PS3: Zhtta Web Server Security Guest: Karsten Nohl Due: Project Proposals Lower-Level OS (Processes, Virtual Memory) Due: Norvig Numbers Contribution Expected Storage Due: Project Design Reviews Virtual Machines, Micro/Exo-Kernels Guest: Tom Pinckney Thanksgiving Break Wrap-Up Due: Project Demos University of Virginia cs4414 11
Cool Computing Stuff Physics Its all understandable! (and I can do something cooler) Its all magic! Four Years Studying Computing at an Elite Public University (click for article) Minimizing Magic 17 October 2013 University of Virginia cs4414 12
Cool Computing Stuff electives cs4414 cs3102 Its all magic! cs1110 cs2110 cs4610 cs2150 cs4414 By the time you graduate, nothing should be “magic” other than how transistors work and NP-Completeness. cs2150 cs3330 cs4414 cs2330 Physics Minimizing Magic 17 October 2013 University of Virginia cs4414 13
http://opensource.apple.com/source/AppleFan/AppleFan-110.3.1/AppleFan.cpp 17 October 2013 University of Virginia cs4414 14
17 October 2013 University of Virginia cs4414 15
17 October 2013 University of Virginia cs4414 16
17 October 2013 University of Virginia cs4414 17
17 October 2013 University of Virginia cs4414 18
17 October 2013 University of Virginia cs4414 19
17 October 2013 University of Virginia cs4414 20
17 October 2013 University of Virginia cs4414 21
Security 17 October 2013 University of Virginia cs4414 22
What’s wrong with zhttpo (V 0.2)? … stream.read(buf); let request_str = str::from_utf8(buf); let req_group : ~[&str]= request_str.splitn_iter(' ', 3).collect(); if req_group.len() > 2 { let path = req_group[1]; … let file_path = &os::getcwd().push(path); if !os::path_exists(file_path) || os::path_is_dir(file_path) { … else { match io::read_whole_file(file_path) { Ok(file_data) => { stream.write(file_data); } … 17 October 2013 University of Virginia cs4414 23
Why Might Letting Anyone Read Any File on your Machine Be a Bad Idea? LMGTFY 17 October 2013 University of Virginia cs4414 24
This is serious: actually trying the passwords would be wrong and criminal*. 17 October 2013 University of Virginia cs4414 * Just because someone “broadcasts” their password or uses laughable security, doesn’t mean the FBI considers it “authorized” access. Whether it is you or Google that is breaking the law in this case is unclear. 25
What’s wrong with Zhtta (V 0.3)? … stream.read(buf); let request_str = str::from_utf8(buf); let req_group : ~[&str]= request_str.splitn_iter(' ', 3).collect(); if req_group.len() > 2 { let path = req_group[1]; … let file_path = ~os::getcwd().push(path.replace("/../", "")); if !os::path_exists(file_path) || os::path_is_dir(file_path) { … else { match io::read_whole_file(file_path) { Ok(file_data) => { stream.write(file_data); } … http://rust-class.org/./.././wp-config.php 17 October 2013 University of Virginia cs4414 26
Unix (Sort-of) “Solution” 17 October 2013 University of Virginia cs4414 27
17 October 2013 University of Virginia cs4414 28
Apache’s (Partial) Solution in httpd.conf: DocumentRoot /home/evans/htdocs/ Apache will only serve files in DocumentRoot’s subtree. 17 October 2013 University of Virginia cs4414 29
Apache’s (Partial) Solution in httpd.conf: DocumentRoot /home/evans/htdocs/ <Directory /> Options FollowSymLinks </Directory> Opps! Now it will follow symlinks inside DocumentRoot subtree to anywhere… 17 October 2013 University of Virginia cs4414 30
Apache’s (Further) Solution in httpd.conf: User #-1 Apache starts running as root (uid = 0) to be able to listen on port 80, which is default web port. By default, switches to run as uid = -1 (“nobody”) when processing requests. 17 October 2013 University of Virginia cs4414 31
bash-3.2$ ps aux | grep httpd dave 20926 0.0 0.0 2423356 208 p0 R+ 10:15PM 0:00.00 grep httpd _www 20923 0.0 0.0 2437400 700 ?? S 10:15PM 0:00.00 httpd root 20922 0.0 0.0 2437400 2376 ?? Ss 10:15PM 0:00.05 httpd # after one request bash-3.2$ !ps ps aux | grep httpd dave 20934 0.0 0.0 2432768 620 p0 S+ 10:16PM 0:00.00 grep httpd _www 20932 0.0 0.0 2437400 700 ?? S 10:16PM 0:00.00 httpd _www 20931 0.0 0.0 2437400 700 ?? S 10:16PM 0:00.00 httpd _www 20930 0.0 0.0 2437400 896 ?? S 10:16PM 0:00.00 httpd _www 20923 0.0 0.0 2437400 1800 ?? S 10:15PM 0:00.01 httpd root 20922 0.0 0.0 2437400 2376 ?? Ss 10:15PM 0:00.05 httpd 17 October 2013 University of Virginia cs4414 32
Changing Users int setuid(uid_t uid); real user id (ruid) effective user id (euid) saved user id (suid) 17 October 2013 = owner of the process = ID used in access control decisions = previous user ID that may be restored University of Virginia cs4414 33
HTTP GET ./../../../user/dave/secrets.txt Using setuid httpd euid: 0 (root) pid_t handler = fork(); if (handler == 0) { setuid(-1); … } handler fopen(pathname, ‘r’) Error: secrets.txt not readable to user nobody 17 October 2013 University of Virginia cs4414 34
HTTP GET ./../../../user/dave/secrets.txt Using setuid httpd euid: 0 (root) pid_t handler = fork(); if (handler == 0) { Principle of Least setuid(-1); Privilege … Running code should have as little } power as possible to get the job done. handler fopen(pathname, ‘r’) Error: secrets.txt not readable to user nobody 17 October 2013 University of Virginia cs4414 35
17 October 2013 University of Virginia cs4414 36
POSIX Spec for setuid 17 October 2013 University of Virginia cs4414 37
USENIX Security 2002 17 October 2013 University of Virginia cs4414 38
Example: cs3102 PS7 http://www.youtube.com/watch?v=PeRRF3jrHbQ Assignment 17 October 2013 University of Virginia cs4414 39
I’m showing you examples because I want you to be openminded, not because I want everyone to make silly movies or bake cakes (but too many cakes is always better than no cakes). 17 October 2013 University of Virginia cs4414 40
Access Control gash> ls -l secrets.txt -rw------- 1 dave staff 37 Oct 23 23:15 secrets.txt How does the OS know whether or not the (effective) user can read a file? 17 October 2013 University of Virginia cs4414 41
Access Control Matrix Files Users /alice/www/inde /dave/secrets.txt x.html /alice/secrets.txt read, write read, write read, write dave read read, write - www read - - root 17 October 2013 University of Virginia cs4414 42
HTTP GET ./../../../user/dave/secrets.txt 17 October 2013 Reference Monitor httpd euid: 0 (root) fopen(pathname, ‘r’) OS Kernel Reference Monitor handler University of Virginia cs4414 secrets.txt 43
http://opensource.apple.com/source/Libc/Libc-167/stdio.subproj/fopen.c 17 October 2013 University of Virginia cs4414 44
Charge PS3 is due Monday! Sign up for demo time. Continue (start ) thinking about ideas for your project and recruiting teammates. 17 October 2013 University of Virginia cs4414 45

Recommandé

Control your Voice like a Bene Gesserit
Control your Voice like a Bene GesseritControl your Voice like a Bene Gesserit
Control your Voice like a Bene GesseritJorge Ortiz
 
Once Upon a Process
Once Upon a ProcessOnce Upon a Process
Once Upon a ProcessDavid Evans
 
The First Billion Android Activations
The First Billion Android ActivationsThe First Billion Android Activations
The First Billion Android ActivationsDavid Evans
 
Inventing the Future
Inventing the FutureInventing the Future
Inventing the FutureDavid Evans
 
Invent the Future (Operating Systems in 2029)
Invent the Future (Operating Systems in 2029)Invent the Future (Operating Systems in 2029)
Invent the Future (Operating Systems in 2029)David Evans
 
Class 1: Introduction - What is an Operating System?
Class 1: Introduction - What is an Operating System?Class 1: Introduction - What is an Operating System?
Class 1: Introduction - What is an Operating System?David Evans
 
elasticsearch basics workshop
elasticsearch basics workshopelasticsearch basics workshop
elasticsearch basics workshopMathieu Elie
 
Scheduling
SchedulingScheduling
SchedulingDavid Evans
 

Recommandé

Control your Voice like a Bene Gesserit
Control your Voice like a Bene GesseritControl your Voice like a Bene Gesserit
Control your Voice like a Bene GesseritJorge Ortiz
 
Once Upon a Process
Once Upon a ProcessOnce Upon a Process
Once Upon a ProcessDavid Evans
 
The First Billion Android Activations
The First Billion Android ActivationsThe First Billion Android Activations
The First Billion Android ActivationsDavid Evans
 
Inventing the Future
Inventing the FutureInventing the Future
Inventing the FutureDavid Evans
 
Invent the Future (Operating Systems in 2029)
Invent the Future (Operating Systems in 2029)Invent the Future (Operating Systems in 2029)
Invent the Future (Operating Systems in 2029)David Evans
 
Class 1: Introduction - What is an Operating System?
Class 1: Introduction - What is an Operating System?Class 1: Introduction - What is an Operating System?
Class 1: Introduction - What is an Operating System?David Evans
 
elasticsearch basics workshop
elasticsearch basics workshopelasticsearch basics workshop
elasticsearch basics workshopMathieu Elie
 
Scheduling
SchedulingScheduling
SchedulingDavid Evans
 
Using Git, Pointers in Rust
Using Git, Pointers in RustUsing Git, Pointers in Rust
Using Git, Pointers in RustDavid Evans
 
What the &~#@&lt;!? (Memory Management in Rust)
What the &~#@&lt;!? (Memory Management in Rust)What the &~#@&lt;!? (Memory Management in Rust)
What the &~#@&lt;!? (Memory Management in Rust)David Evans
 
Engineering culture
Engineering cultureEngineering culture
Engineering culturePamela Fox
 
She Sells C Shells (by the Rust Shore)
She Sells C Shells (by the Rust Shore)She Sells C Shells (by the Rust Shore)
She Sells C Shells (by the Rust Shore)David Evans
 
How to ReadTheDocs
How to ReadTheDocsHow to ReadTheDocs
How to ReadTheDocsJohn Costa
 
Trick-or-Treat Protocols
Trick-or-Treat ProtocolsTrick-or-Treat Protocols
Trick-or-Treat ProtocolsDavid Evans
 
Virtual Memory (Making a Process)
Virtual Memory (Making a Process)Virtual Memory (Making a Process)
Virtual Memory (Making a Process)David Evans
 
Bosco r users2013
Bosco r users2013Bosco r users2013
Bosco r users2013Miha Ahronovitz
 
Smarter Scheduling
Smarter SchedulingSmarter Scheduling
Smarter SchedulingDavid Evans
 
First Ride on Rust
First Ride on RustFirst Ride on Rust
First Ride on RustDavid Evans
 
Making a Process
Making a ProcessMaking a Process
Making a ProcessDavid Evans
 
Fluent14
Fluent14Fluent14
Fluent14Brendan Eich
 
Semantic Web for Life Sciences: vision, aims, tools, platforms
Semantic Web for Life Sciences: vision, aims, tools, platforms Semantic Web for Life Sciences: vision, aims, tools, platforms
Semantic Web for Life Sciences: vision, aims, tools, platforms Novartis Institutes for BioMedical Research
 
D3.js capita selecta
D3.js capita selectaD3.js capita selecta
D3.js capita selectaJoris Klerkx
 
OpenFest 2012 : Leveraging the public internet
OpenFest 2012 : Leveraging the public internetOpenFest 2012 : Leveraging the public internet
OpenFest 2012 : Leveraging the public internettkisason
 
Linked Data in Learning Analytics Tools
Linked Data in Learning Analytics ToolsLinked Data in Learning Analytics Tools
Linked Data in Learning Analytics ToolsMathieu d'Aquin
 
What Ops Can Learn From Design
What Ops Can Learn From DesignWhat Ops Can Learn From Design
What Ops Can Learn From DesignRobert Treat
 
Reflections on Rousting Rust?
Reflections on Rousting Rust?Reflections on Rousting Rust?
Reflections on Rousting Rust?David Evans
 
Dark Silicon, Mobile Devices, and Possible Open-Source Solutions
Dark Silicon, Mobile Devices, and Possible Open-Source SolutionsDark Silicon, Mobile Devices, and Possible Open-Source Solutions
Dark Silicon, Mobile Devices, and Possible Open-Source SolutionsKoan-Sin Tan
 
Python in programming competitions
Python in programming competitionsPython in programming competitions
Python in programming competitionsSergey Dymchenko
 
Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!David Evans
 
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksTrick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksDavid Evans
 

Contenu connexe

Similaire à Access Control

Using Git, Pointers in Rust
Using Git, Pointers in RustUsing Git, Pointers in Rust
Using Git, Pointers in RustDavid Evans
 
What the &~#@&lt;!? (Memory Management in Rust)
What the &~#@&lt;!? (Memory Management in Rust)What the &~#@&lt;!? (Memory Management in Rust)
What the &~#@&lt;!? (Memory Management in Rust)David Evans
 
Engineering culture
Engineering cultureEngineering culture
Engineering culturePamela Fox
 
She Sells C Shells (by the Rust Shore)
She Sells C Shells (by the Rust Shore)She Sells C Shells (by the Rust Shore)
She Sells C Shells (by the Rust Shore)David Evans
 
How to ReadTheDocs
How to ReadTheDocsHow to ReadTheDocs
How to ReadTheDocsJohn Costa
 
Trick-or-Treat Protocols
Trick-or-Treat ProtocolsTrick-or-Treat Protocols
Trick-or-Treat ProtocolsDavid Evans
 
Virtual Memory (Making a Process)
Virtual Memory (Making a Process)Virtual Memory (Making a Process)
Virtual Memory (Making a Process)David Evans
 
Smarter Scheduling
Smarter SchedulingSmarter Scheduling
Smarter SchedulingDavid Evans
 
First Ride on Rust
First Ride on RustFirst Ride on Rust
First Ride on RustDavid Evans
 
Making a Process
Making a ProcessMaking a Process
Making a ProcessDavid Evans
 
D3.js capita selecta
D3.js capita selectaD3.js capita selecta
D3.js capita selectaJoris Klerkx
 
OpenFest 2012 : Leveraging the public internet
OpenFest 2012 : Leveraging the public internetOpenFest 2012 : Leveraging the public internet
OpenFest 2012 : Leveraging the public internettkisason
 
Linked Data in Learning Analytics Tools
Linked Data in Learning Analytics ToolsLinked Data in Learning Analytics Tools
Linked Data in Learning Analytics ToolsMathieu d'Aquin
 
What Ops Can Learn From Design
What Ops Can Learn From DesignWhat Ops Can Learn From Design
What Ops Can Learn From DesignRobert Treat
 
Reflections on Rousting Rust?
Reflections on Rousting Rust?Reflections on Rousting Rust?
Reflections on Rousting Rust?David Evans
 
Dark Silicon, Mobile Devices, and Possible Open-Source Solutions
Dark Silicon, Mobile Devices, and Possible Open-Source SolutionsDark Silicon, Mobile Devices, and Possible Open-Source Solutions
Dark Silicon, Mobile Devices, and Possible Open-Source SolutionsKoan-Sin Tan
 
Python in programming competitions
Python in programming competitionsPython in programming competitions
Python in programming competitionsSergey Dymchenko
 

Similaire à Access Control (20)

Using Git, Pointers in Rust
Using Git, Pointers in RustUsing Git, Pointers in Rust
Using Git, Pointers in Rust
 
What the &~#@&lt;!? (Memory Management in Rust)
What the &~#@&lt;!? (Memory Management in Rust)What the &~#@&lt;!? (Memory Management in Rust)
What the &~#@&lt;!? (Memory Management in Rust)
 
Engineering culture
Engineering cultureEngineering culture
Engineering culture
 
She Sells C Shells (by the Rust Shore)
She Sells C Shells (by the Rust Shore)She Sells C Shells (by the Rust Shore)
She Sells C Shells (by the Rust Shore)
 
How to ReadTheDocs
How to ReadTheDocsHow to ReadTheDocs
How to ReadTheDocs
 
Trick-or-Treat Protocols
Trick-or-Treat ProtocolsTrick-or-Treat Protocols
Trick-or-Treat Protocols
 
Virtual Memory (Making a Process)
Virtual Memory (Making a Process)Virtual Memory (Making a Process)
Virtual Memory (Making a Process)
 
Bosco r users2013
Bosco r users2013Bosco r users2013
Bosco r users2013
 
Smarter Scheduling
Smarter SchedulingSmarter Scheduling
Smarter Scheduling
 
First Ride on Rust
First Ride on RustFirst Ride on Rust
First Ride on Rust
 
Making a Process
Making a ProcessMaking a Process
Making a Process
 
Fluent14
Fluent14Fluent14
Fluent14
 
Semantic Web for Life Sciences: vision, aims, tools, platforms
Semantic Web for Life Sciences: vision, aims, tools, platforms Semantic Web for Life Sciences: vision, aims, tools, platforms
Semantic Web for Life Sciences: vision, aims, tools, platforms
 
D3.js capita selecta
D3.js capita selectaD3.js capita selecta
D3.js capita selecta
 
OpenFest 2012 : Leveraging the public internet
OpenFest 2012 : Leveraging the public internetOpenFest 2012 : Leveraging the public internet
OpenFest 2012 : Leveraging the public internet
 
Linked Data in Learning Analytics Tools
Linked Data in Learning Analytics ToolsLinked Data in Learning Analytics Tools
Linked Data in Learning Analytics Tools
 
What Ops Can Learn From Design
What Ops Can Learn From DesignWhat Ops Can Learn From Design
What Ops Can Learn From Design
 
Reflections on Rousting Rust?
Reflections on Rousting Rust?Reflections on Rousting Rust?
Reflections on Rousting Rust?
 
Dark Silicon, Mobile Devices, and Possible Open-Source Solutions
Dark Silicon, Mobile Devices, and Possible Open-Source SolutionsDark Silicon, Mobile Devices, and Possible Open-Source Solutions
Dark Silicon, Mobile Devices, and Possible Open-Source Solutions
 
Python in programming competitions
Python in programming competitionsPython in programming competitions
Python in programming competitions
 

Plus de David Evans

Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!David Evans
 
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksTrick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksDavid Evans
 
Hidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeHidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeDavid Evans
 
Anonymity in Bitcoin
Anonymity in BitcoinAnonymity in Bitcoin
Anonymity in BitcoinDavid Evans
 
Midterm Confirmations
Midterm ConfirmationsMidterm Confirmations
Midterm ConfirmationsDavid Evans
 
Scripting Transactions
Scripting TransactionsScripting Transactions
Scripting TransactionsDavid Evans
 
How to Live in Paradise
How to Live in ParadiseHow to Live in Paradise
How to Live in ParadiseDavid Evans
 
Mining Economics
Mining EconomicsMining Economics
Mining EconomicsDavid Evans
 
Becoming More Paranoid
Becoming More ParanoidBecoming More Paranoid
Becoming More ParanoidDavid Evans
 
Asymmetric Key Signatures
Asymmetric Key SignaturesAsymmetric Key Signatures
Asymmetric Key SignaturesDavid Evans
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to CryptographyDavid Evans
 
Class 1: What is Money?
Class 1: What is Money?Class 1: What is Money?
Class 1: What is Money?David Evans
 
Multi-Party Computation for the Masses
Multi-Party Computation for the MassesMulti-Party Computation for the Masses
Multi-Party Computation for the MassesDavid Evans
 
Proof of Reserve
Proof of ReserveProof of Reserve
Proof of ReserveDavid Evans
 
Blooming Sidechains!
Blooming Sidechains!Blooming Sidechains!
Blooming Sidechains!David Evans
 
Useful Proofs of Work, Permacoin
Useful Proofs of Work, PermacoinUseful Proofs of Work, Permacoin
Useful Proofs of Work, PermacoinDavid Evans
 

Plus de David Evans (20)

Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!Cryptocurrency Jeopardy!
Cryptocurrency Jeopardy!
 
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for CypherpunksTrick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
Trick or Treat?: Bitcoin for Non-Believers, Cryptocurrencies for Cypherpunks
 
Hidden Services, Zero Knowledge
Hidden Services, Zero KnowledgeHidden Services, Zero Knowledge
Hidden Services, Zero Knowledge
 
Anonymity in Bitcoin
Anonymity in BitcoinAnonymity in Bitcoin
Anonymity in Bitcoin
 
Midterm Confirmations
Midterm ConfirmationsMidterm Confirmations
Midterm Confirmations
 
Scripting Transactions
Scripting TransactionsScripting Transactions
Scripting Transactions
 
How to Live in Paradise
How to Live in ParadiseHow to Live in Paradise
How to Live in Paradise
 
Bitcoin Script
Bitcoin ScriptBitcoin Script
Bitcoin Script
 
Mining Economics
Mining EconomicsMining Economics
Mining Economics
 
Mining
MiningMining
Mining
 
The Blockchain
The BlockchainThe Blockchain
The Blockchain
 
Becoming More Paranoid
Becoming More ParanoidBecoming More Paranoid
Becoming More Paranoid
 
Asymmetric Key Signatures
Asymmetric Key SignaturesAsymmetric Key Signatures
Asymmetric Key Signatures
 
Introduction to Cryptography
Introduction to CryptographyIntroduction to Cryptography
Introduction to Cryptography
 
Class 1: What is Money?
Class 1: What is Money?Class 1: What is Money?
Class 1: What is Money?
 
Multi-Party Computation for the Masses
Multi-Party Computation for the MassesMulti-Party Computation for the Masses
Multi-Party Computation for the Masses
 
Proof of Reserve
Proof of ReserveProof of Reserve
Proof of Reserve
 
Silk Road
Silk RoadSilk Road
Silk Road
 
Blooming Sidechains!
Blooming Sidechains!Blooming Sidechains!
Blooming Sidechains!
 
Useful Proofs of Work, Permacoin
Useful Proofs of Work, PermacoinUseful Proofs of Work, Permacoin
Useful Proofs of Work, Permacoin
 

Dernier

unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxBkGupta21
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESmohitsingh558521
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024BookNet Canada
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024Stephanie Beckett
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.Curtis Poe
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsNathaniel Shimoni
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxLoriGlavin3
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsPixlogix Infotech
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demoHarshalMandlekar2
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii SoldatenkoFwdays
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Manik S Magar
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brandgvaughan
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxLoriGlavin3
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024BookNet Canada
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxLoriGlavin3
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfAlex Barbosa Coqueiro
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rick Flair
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionDilum Bandara
 

Dernier (20)

unit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptxunit 4 immunoblotting technique complete.pptx
unit 4 immunoblotting technique complete.pptx
 
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICESSALESFORCE EDUCATION CLOUD | FEXLE SERVICES
SALESFORCE EDUCATION CLOUD | FEXLE SERVICES
 
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: Loan Stars - Tech Forum 2024
 
What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024What's New in Teams Calling, Meetings and Devices March 2024
What's New in Teams Calling, Meetings and Devices March 2024
 
How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.How AI, OpenAI, and ChatGPT impact business and software.
How AI, OpenAI, and ChatGPT impact business and software.
 
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data PrivacyTrustArc Webinar - How to Build Consumer Trust Through Data Privacy
TrustArc Webinar - How to Build Consumer Trust Through Data Privacy
 
Time Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directionsTime Series Foundation Models - current state and future directions
Time Series Foundation Models - current state and future directions
 
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptxThe Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
The Role of FIDO in a Cyber Secure Netherlands: FIDO Paris Seminar.pptx
 
The Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and ConsThe Ultimate Guide to Choosing WordPress Pros and Cons
The Ultimate Guide to Choosing WordPress Pros and Cons
 
Sample pptx for embedding into website for demo
Sample pptx for embedding into website for demoSample pptx for embedding into website for demo
Sample pptx for embedding into website for demo
 
"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko"Debugging python applications inside k8s environment", Andrii Soldatenko
"Debugging python applications inside k8s environment", Andrii Soldatenko
 
Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!Anypoint Exchange: It’s Not Just a Repo!
Anypoint Exchange: It’s Not Just a Repo!
 
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
WordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your BrandWordPress Websites for Engineers: Elevate Your Brand
WordPress Websites for Engineers: Elevate Your Brand
 
The State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptxThe State of Passkeys with FIDO Alliance.pptx
The State of Passkeys with FIDO Alliance.pptx
 
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
Transcript: New from BookNet Canada for 2024: BNC CataList - Tech Forum 2024
 
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptxA Deep Dive on Passkeys: FIDO Paris Seminar.pptx
A Deep Dive on Passkeys: FIDO Paris Seminar.pptx
 
Unraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdfUnraveling Multimodality with Large Language Models.pdf
Unraveling Multimodality with Large Language Models.pdf
 
Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...Rise of the Machines: Known As Drones...
Rise of the Machines: Known As Drones...
 
Advanced Computer Architecture – An Introduction
Advanced Computer Architecture – An IntroductionAdvanced Computer Architecture – An Introduction
Advanced Computer Architecture – An Introduction
 

Access Control

  • 1.
  • 2. Plan for Today • Plan for Rest of Semester • Starting Security 17 October 2013 University of Virginia cs4414 1
  • 3. Plan for Remainder of Course 28 October: 29 October: 31 October: 4 Nov: 5-7 Nov: 11 Nov: 12-14 Nov: 18 Nov: 19-22 Nov: 26 Nov: 28 Nov: 3 Dec: 5 Dec: 17 October 2013 Due: PS3: Zhtta Web Server Security Guest: Karsten Nohl Due: Project Proposals Lower-Level OS (Processes, Virtual Memory) Due: Norvig Numbers Contribution Expected Storage Due: Project Design Reviews Virtual Machines, Micro/Exo-Kernels Guest: Tom Pinckney Thanksgiving Break Wrap-Up Due: Project Demos University of Virginia cs4414 2
  • 4. Karsten Nohl, Oct 31 17 October 2013 Tom Pinckney, Nov 26 University of Virginia cs4414 3
  • 5. 4 Nov: Due: Project Proposals 18 Nov: Due: Project Design Reviews 5 Dec: Due: Project Demos Project Do something that is fun (for you to do, and others to see) relevant (to the class) technically interesting (to you and me) useful (at least to you, hopefully to many) You probably can’t maximize all of these! It is okay to sacrifice one or two of them to increase others. A good project should be strong on at least 2 of these, which is much better than being mediocre of all four. 17 October 2013 University of Virginia cs4414 4
  • 6. Project Teams Anyone you want Size: 1-65+ people (recommended: 2-5) Okay to include people not in class “Impressiveness” should scale as sqrt(N) (N = # of teammates in class) Choose your teammates carefully and manage it well. 17 October 2013 University of Virginia cs4414 5
  • 7. Project Grading A Do something you are proud of * (and that I think its reasonable for you to be proud of) A- Do something you find satisfactory * (and that I think it is okay for you to find satisfactory) B+ Do something you find not embarrassing * (and that I think is okay for you to not find embarrassing) <=B Do something embarrassing 17 October 2013 University of Virginia cs4414 6
  • 8. “A+” Projects A+ Do something I am impressed by I will help you get into grad school, find a high-paying interesting job, and/or give you a low-paying interesting job. A++ Do something I am super impressed by I will get Tom Pinckney to help you find a high-paying super-interesting job. A+++ Do something I am way super impressed by I will get Sebastian Thrun to help you find a highpaying super-interesting job. 17 October 2013 University of Virginia cs4414 7
  • 9. Ideas for Projects • • • • Some interesting systems-level program Some contribution to Rust Some contribution to computing Doesn’t have to be a program… Growing list of suggestions will be posted on course site…but don’t limit yourself to these. 17 October 2013 University of Virginia cs4414 8
  • 10. usefulness interestingness Examples Do something that is fun (for you to do, and others to see) relevant (to the class) technically interesting (to you and me) useful (at least to you, hopefully to many) “funness” 17 October 2013 “relevantness” University of Virginia cs4414 9
  • 12. Remaining Content 28 October: 29 October: 31 October: 4 Nov: 5-7 Nov: 11 Nov: 12-14 Nov: 18 Nov: 19-22 Nov: 26 Nov: 28 Nov: 3 Dec: 5 Dec: 17 October 2013 Due: PS3: Zhtta Web Server Security Guest: Karsten Nohl Due: Project Proposals Lower-Level OS (Processes, Virtual Memory) Due: Norvig Numbers Contribution Expected Storage Due: Project Design Reviews Virtual Machines, Micro/Exo-Kernels Guest: Tom Pinckney Thanksgiving Break Wrap-Up Due: Project Demos University of Virginia cs4414 11
  • 13. Cool Computing Stuff Physics Its all understandable! (and I can do something cooler) Its all magic! Four Years Studying Computing at an Elite Public University (click for article) Minimizing Magic 17 October 2013 University of Virginia cs4414 12
  • 14. Cool Computing Stuff electives cs4414 cs3102 Its all magic! cs1110 cs2110 cs4610 cs2150 cs4414 By the time you graduate, nothing should be “magic” other than how transistors work and NP-Completeness. cs2150 cs3330 cs4414 cs2330 Physics Minimizing Magic 17 October 2013 University of Virginia cs4414 13
  • 16. 17 October 2013 University of Virginia cs4414 15
  • 17. 17 October 2013 University of Virginia cs4414 16
  • 18. 17 October 2013 University of Virginia cs4414 17
  • 19. 17 October 2013 University of Virginia cs4414 18
  • 20. 17 October 2013 University of Virginia cs4414 19
  • 21. 17 October 2013 University of Virginia cs4414 20
  • 22. 17 October 2013 University of Virginia cs4414 21
  • 23. Security 17 October 2013 University of Virginia cs4414 22
  • 24. What’s wrong with zhttpo (V 0.2)? … stream.read(buf); let request_str = str::from_utf8(buf); let req_group : ~[&str]= request_str.splitn_iter(' ', 3).collect(); if req_group.len() > 2 { let path = req_group[1]; … let file_path = &os::getcwd().push(path); if !os::path_exists(file_path) || os::path_is_dir(file_path) { … else { match io::read_whole_file(file_path) { Ok(file_data) => { stream.write(file_data); } … 17 October 2013 University of Virginia cs4414 23
  • 25. Why Might Letting Anyone Read Any File on your Machine Be a Bad Idea? LMGTFY 17 October 2013 University of Virginia cs4414 24
  • 26. This is serious: actually trying the passwords would be wrong and criminal*. 17 October 2013 University of Virginia cs4414 * Just because someone “broadcasts” their password or uses laughable security, doesn’t mean the FBI considers it “authorized” access. Whether it is you or Google that is breaking the law in this case is unclear. 25
  • 27. What’s wrong with Zhtta (V 0.3)? … stream.read(buf); let request_str = str::from_utf8(buf); let req_group : ~[&str]= request_str.splitn_iter(' ', 3).collect(); if req_group.len() > 2 { let path = req_group[1]; … let file_path = ~os::getcwd().push(path.replace("/../", "")); if !os::path_exists(file_path) || os::path_is_dir(file_path) { … else { match io::read_whole_file(file_path) { Ok(file_data) => { stream.write(file_data); } … http://rust-class.org/./.././wp-config.php 17 October 2013 University of Virginia cs4414 26
  • 28. Unix (Sort-of) “Solution” 17 October 2013 University of Virginia cs4414 27
  • 29. 17 October 2013 University of Virginia cs4414 28
  • 30. Apache’s (Partial) Solution in httpd.conf: DocumentRoot /home/evans/htdocs/ Apache will only serve files in DocumentRoot’s subtree. 17 October 2013 University of Virginia cs4414 29
  • 31. Apache’s (Partial) Solution in httpd.conf: DocumentRoot /home/evans/htdocs/ <Directory /> Options FollowSymLinks </Directory> Opps! Now it will follow symlinks inside DocumentRoot subtree to anywhere… 17 October 2013 University of Virginia cs4414 30
  • 32. Apache’s (Further) Solution in httpd.conf: User #-1 Apache starts running as root (uid = 0) to be able to listen on port 80, which is default web port. By default, switches to run as uid = -1 (“nobody”) when processing requests. 17 October 2013 University of Virginia cs4414 31
  • 33. bash-3.2$ ps aux | grep httpd dave 20926 0.0 0.0 2423356 208 p0 R+ 10:15PM 0:00.00 grep httpd _www 20923 0.0 0.0 2437400 700 ?? S 10:15PM 0:00.00 httpd root 20922 0.0 0.0 2437400 2376 ?? Ss 10:15PM 0:00.05 httpd # after one request bash-3.2$ !ps ps aux | grep httpd dave 20934 0.0 0.0 2432768 620 p0 S+ 10:16PM 0:00.00 grep httpd _www 20932 0.0 0.0 2437400 700 ?? S 10:16PM 0:00.00 httpd _www 20931 0.0 0.0 2437400 700 ?? S 10:16PM 0:00.00 httpd _www 20930 0.0 0.0 2437400 896 ?? S 10:16PM 0:00.00 httpd _www 20923 0.0 0.0 2437400 1800 ?? S 10:15PM 0:00.01 httpd root 20922 0.0 0.0 2437400 2376 ?? Ss 10:15PM 0:00.05 httpd 17 October 2013 University of Virginia cs4414 32
  • 34. Changing Users int setuid(uid_t uid); real user id (ruid) effective user id (euid) saved user id (suid) 17 October 2013 = owner of the process = ID used in access control decisions = previous user ID that may be restored University of Virginia cs4414 33
  • 35. HTTP GET ./../../../user/dave/secrets.txt Using setuid httpd euid: 0 (root) pid_t handler = fork(); if (handler == 0) { setuid(-1); … } handler fopen(pathname, ‘r’) Error: secrets.txt not readable to user nobody 17 October 2013 University of Virginia cs4414 34
  • 36. HTTP GET ./../../../user/dave/secrets.txt Using setuid httpd euid: 0 (root) pid_t handler = fork(); if (handler == 0) { Principle of Least setuid(-1); Privilege … Running code should have as little } power as possible to get the job done. handler fopen(pathname, ‘r’) Error: secrets.txt not readable to user nobody 17 October 2013 University of Virginia cs4414 35
  • 37. 17 October 2013 University of Virginia cs4414 36
  • 38. POSIX Spec for setuid 17 October 2013 University of Virginia cs4414 37
  • 39. USENIX Security 2002 17 October 2013 University of Virginia cs4414 38
  • 41. I’m showing you examples because I want you to be openminded, not because I want everyone to make silly movies or bake cakes (but too many cakes is always better than no cakes). 17 October 2013 University of Virginia cs4414 40
  • 42. Access Control gash> ls -l secrets.txt -rw------- 1 dave staff 37 Oct 23 23:15 secrets.txt How does the OS know whether or not the (effective) user can read a file? 17 October 2013 University of Virginia cs4414 41
  • 43. Access Control Matrix Files Users /alice/www/inde /dave/secrets.txt x.html /alice/secrets.txt read, write read, write read, write dave read read, write - www read - - root 17 October 2013 University of Virginia cs4414 42
  • 44. HTTP GET ./../../../user/dave/secrets.txt 17 October 2013 Reference Monitor httpd euid: 0 (root) fopen(pathname, ‘r’) OS Kernel Reference Monitor handler University of Virginia cs4414 secrets.txt 43
  • 46. Charge PS3 is due Monday! Sign up for demo time. Continue (start ) thinking about ideas for your project and recruiting teammates. 17 October 2013 University of Virginia cs4414 45