Assignment 2, due Feb 9

Part of the homework for 22C:169, Spring 2006
by Douglas W. Jones
THE UNIVERSITY OF IOWA Department of Computer Science

Always, on every assignment, please write your name legibly as it appears on your University ID and on the class list! All assignments will be due at the start of class on the day indicated, and unless there is what insurance companies call "an act of God" (something outside your control), the only exceptions to this rule will be by advance arrangement.

  1. Make an attack tree for breaking into your apartment. For each alternative, estimate cost and the risk to the attacker. As an estimate of cost, use minutes of labor. As an estimate of risk, use likelihood of being caught. Fuzzy statements of either cost or risk are normal in this context.

  2. Consider the following problem: A union and a corporation are involved in contract negotiations. Some corporate employees are not union members, and some union members are not employees. The union has a database of its membership, and the corporation has a database of its employees. Union members who are employees are the only ones who ought to vote on the union contract.

    a) How could the company benefit if it could get the union membership list?

    b) How could the union benefit if it could get the employee list?

    c) What problems, if any, could be caused by revealing the eligible voter list to the company?

    d) What problems, if any, could be caused by revealing the eligible voter list to the union?

    e) What problems, if any, are solved by introducing a trusted third party into the process?

  3. The Unix /etc/passwd file once contained some public information about every user (the mapping from user name to user number), but it also contained fields that are nobody's business. You have no business knowing what interactive shell I prefer, for example, nor the encrypted version of my password. See man 5 passwd for the details of the format of this file.

    On modern Unix systems, this information was moved elsewhere. See man passwd and man 8 pam for some discussion of this. Mostly, the information was moved into system files that are only accessible through special set-user-ID programs.

    An alternative would be to create a file in the home directory of each user. Call it, for example, .passwd. This file would contain information used for password authentication when a user tries to log in specifying that directory as his desired home directory.

    a) What should the access rights be for .passwd?

    b) Can the new .passwd file be safely used to store the numerical user ID?

    c) Can the new .passwd file be safely used to store the user's preferred login shell?

    d) What should the user ID be for the /bin/login program that reads .passwd as part of its effort to authenticate the user?

    e) What system kernel calls should /bin/login execute after having concluded that the user is indeed who the user claims to be?