Assignment 5, due March 5

Part of the homework for 22C:169, Spring 2010
by Douglas W. Jones
THE UNIVERSITY OF IOWA Department of Computer Science

Always, on every assignment, please write your name legibly as it appears on your University ID and on the class list! All assignments will be due at the start of class on the day indicated (usually a Friday), and unless there is what insurance companies call "an act of God" (something outside your control), the only exceptions to this rule will be by advance arrangement.

  1. Background: Consider the following file protection problem:

    All rights not explicitly permitted above are forbidden.

    a) Give an access matrix describing the above. (0.4 points)

    b) Give access control lists for the files describing the above. (0.4 points)

    c) Give capability lists for the users describing the above. (0.4 points)

    d) Give Unix-style access rights that enforce the above. You may need to place some of the users in groups and use group access rights to control some of the access rules. (0.8 points)

  2. Background: Suppose your Unix user ID is you so your home directory is ~you and my user ID is jones, with home directory ~dwjones. Both home directories initially have access rights rwx------.

    Initially, you have just two files in your directory, ~you/a and ~you/b. Both files initially have access rights rw-------.

    You can use the chmod, mkdir, mv and ln commands, and also the chgrp and newgrp commands. With respect to the latter, assume initially that I am in group faculty and you are in group students. Both of these groups contain other users. If you need to create a new group, you will have to e-mail the system administrator requesting group creation and specifying who to add as group members.

    a) Give a sequence of commands that will give me the right to read your file ~you/a while excluding me or anyone else from reading any of your other files. (0.4 points)

    b) Give the instructions you would need to give me in order for me to access your file, after you've done the work suggested in part a. (0.4 points)

    c) Go back to the initial conditions -- assume you'd never answered parts a) and b). Give a sequence of instructions to create two directories, ~you/INBOX and ~you/OUTBOX, where anyone can deposit files in your inbox and you can put files in your outbox so others can find them. Your goal is to set up your inbox and outbox to maximize security. As much as is possible, users should not be able to explore other files in your inbox but your outbox should be open to public inspection. (0.4 points)

    d) With regard to your answer to part c), what access rights should I set on a file I place in your inbox so you can copy it? What access rights should you set on a file in your outbox so the public can take copies? (0.4 points)

    e) With regard to your answers to parts c) and d), assuming that you don't create new groups to secure things, how might an adversary get a copy of the file I left in your inbox? (0.4 points)

    Note: If you elect to work with partners in order to experiment with access rights, please note who you partnered with.

  3. Background: Assume a file system with a protection model just like Unix except that access rights are attributes of links in directory entries instead of being attributes of files. All the same commands apply as in Unix, except rights are checked as you follow a link out of a directory.

    One significant consequence of this is that you can't change the rights on a link unless you have the right to modify the directory holding that link.

    Another consequence is that there are access rights associated with the system-maintained link to your current directory and to your home directory that you get from logging in and from following a link with the cd command. As a result, it's possible that cd . could change your access rights even though it doesn't change what directory you are in.

    A problem: Given two users, as in the previous problem ~you and ~dwjones, how would you set things up so that I could give you a file? The previous problem contains many useful ideas, but it won't be exactly the same! (1.0 points)
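
    The background to problem 3 can be tried out in a toy model. This is an added example, not part of the original assignment: the names Node, Link, Handle, follow, chmod and demo are hypothetical, and each link carries a single rwx set rather than Unix's owner/group/other classes.

```python
# Toy model (added example): rights live on links, not on files.
# Assumption: one rwx set per link, no owner/group/other classes.

class Node:
    """A file or directory; it carries no rights of its own."""
    def __init__(self, is_dir=False):
        self.entries = {} if is_dir else None   # name -> Link

class Link:
    """A directory entry: target plus the rights granted when it is followed."""
    def __init__(self, target, rights):
        self.target, self.rights = target, set(rights)

class Handle:
    """What a process holds after following a link: node plus that link's rights."""
    def __init__(self, link):
        self.node, self.rights = link.target, set(link.rights)

def follow(dir_handle, name):
    """Follow a link out of a directory (used for both opening files and cd)."""
    if "x" not in dir_handle.rights:
        raise PermissionError("no search right on directory handle")
    return Handle(dir_handle.node.entries[name])

def chmod(dir_handle, name, rights):
    """Changing a link's rights modifies the directory that holds the link."""
    if "w" not in dir_handle.rights:
        raise PermissionError("no write right on directory handle")
    dir_handle.node.entries[name].rights = set(rights)

def demo():
    home, note = Node(is_dir=True), Node()
    home.entries["."] = Link(home, "rx")        # self link grants less than the login link
    home.entries["note"] = Link(note, "rw")
    home.entries["note-ro"] = Link(note, "r")   # second link to the same file
    cwd = Handle(Link(home, "rwx"))             # system-maintained link from login
    same_file = follow(cwd, "note").node is follow(cwd, "note-ro").node
    rights_differ = follow(cwd, "note").rights != follow(cwd, "note-ro").rights
    chmod(cwd, "note-ro", "rw")                 # allowed: login handle has w
    cwd2 = follow(cwd, ".")                     # "cd ." keeps the directory, swaps the rights
    try:
        chmod(cwd2, "note-ro", "r")
        lost_write = False
    except PermissionError:
        lost_write = True
    return same_file, rights_differ, cwd2.node is home, lost_write
```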