Presentation is loading. Please wait.

Presentation is loading. Please wait.

Computer Science CSC 405 LabBy Yuzheng Zhou1 CSC 405 Introduction to Computer Security Lab session.

Published byWaylon Jerkins Modified over 9 years ago

Similar presentations

Presentation on theme: "Computer Science CSC 405 LabBy Yuzheng Zhou1 CSC 405 Introduction to Computer Security Lab session."— Presentation transcript:

1 Computer Science CSC 405 LabBy Yuzheng Zhou1 CSC 405 Introduction to Computer Security Lab session

2 Computer Science CSC 405 LabBy Yuzheng Zhou2 Roadmap Lab 2 Set-UID –Why do we need set-uid program? (prob. 1) –Set-uid program –How is set-uid implemented in Minix (prob. 2) –When we run set-uid in Minix and Linux, why do we get different results ? (prob. 3 & 5) –Set-uid vulnerability: PATH environment variable (prob. 4) –Use setuid() carefully (Prob. 6) Lab 3 Set-RandomUID grading policy

3 Computer Science CSC 405 LabBy Yuzheng Zhou3 passwd, chsh, su passwd –Allow users to change their passwords –Users’ passwords are stored in /etc/shadow, which is neither readable nor writable to normal su –Allows user to become the super-user –User must pass super-user’s password as an argument. chsh –Allow users to change their login shells –Users’ login shell are stored in /etc/passwd, which is neither readable nor writable to normal

4 Computer Science CSC 405 LabBy Yuzheng Zhou4 passwd, chsh, su (Cont’d) passwd, chsh, su –Runnable by anybody –Need to access files (etc/shadow, etc/passwd) which are neither readable nor writable to normal user –How to achieve the goal? Need to be set-root-UID programs

5 Computer Science CSC 405 LabBy Yuzheng Zhou5 Set-UID Programs real user ID (real uid, or ruid): –identifies the owner of the process effective user ID (effective uid, or euid) –used in most access control decisions Set-UID program –at login time, real uid = effective uid = user login ID –when a Set-UID program is executed, real uid doesn’t change effective uid  owner of the set-uid program –Access control is based on effective uid

6 Computer Science CSC 405 LabBy Yuzheng Zhou6 How to turn on Set-UID bit The meaning of the permission bits in Unix. 9 normal bits: 755 : 111 101 => -rwxr-xr-x –Owner (u), Group (g), and Others (o). –Readable (r), Writable (w), and Executable (x). 3 special bits (sticky key hasn’t been used): –bit 11: set UID; bit 10: set Group ID; bit 9: sticky key. Turn on the Set-UID bit –chmod 4755 [set bit 11]: 100 111 101 101 => -rwSr-xr-x ^ the eXecute "x" is replaced by an "s"

7 Computer Science CSC 405 LabBy Yuzheng Zhou7 How is Set-UID implemented in Minix? Fproc structure /* Defined in /usr/src/fs/prot.h, this is the per-process information */ EXTERN struct fproc { …… uid_t fp_realuid; /* real user id */ uid_t fp_effuid; /* effective user id */ gid_t fp_realgid; /* real group id */ gid_t fp_effgid; /* effective group id */ Read source code for details –do_exec routine in /usr/src/mm/exec.c –forbidden routine in /usr/src/fs/protect.c

8 Computer Science CSC 405 LabBy Yuzheng Zhou8 Run Set-UID Programs In Minix Login as root. % cp /bin/sh /tmp/ % chmod 4755 /tmp/sh % exit Login as yuzheng (normal user) $ /tmp/sh $ id $ uid=10 (yuzheng) gid=3(other) euid=0(root) suid=10(yuzheng) $ vi /etc/passwd (can open it !!!)

9 Computer Science CSC 405 LabBy Yuzheng Zhou9 Run Set-UID Programs (cont.) But in Fedora 5 (No change!!!) $ uid=501 (yuzheng) gid=501(yuzheng) groups=501(yuzheng) Why? –In Fedora 5, /bin/sh (actually bash) ignores the Set-UID bit option. –Check shell.c in bash-*.tar.gz (http://ftp.gnu.org/gnu/bash/)http://ftp.gnu.org/gnu/bash/ –The following code in bash drops the Set-UID bit if (running_setuid && privileged_mode == 0) disable_priv_mode (); …… void disable_priv_mode () { setuid (current_user.uid); setgid (current_user.gid); current_user.euid = current_user.uid; current_user.egid = current_user.gid;

10 Computer Science CSC 405 LabBy Yuzheng Zhou10 PATH Environment Variable system("ls") invoke the /bin/sh program, and then let the shell program to execute ls. the shell searches for ls using the PATH environment variable. The attacker can change PATH and cause ls in the current directory to be executed. $ export PATH =.:$PATH Do you get root privilege? In Minix: yes; In Fedora: No

11 Computer Science CSC 405 LabBy Yuzheng Zhou11 system() and execve() System() invokes /bin/sh first. –In Fedora, it execv /bin/sh with arguments"sh", "-c" and the user provided string. In Fedora 5, /bin/sh (actually bash) ignores the Set- UID bit option. –Why system() is more secure than execve in Linux –So, for problem 5 (a), we get “permission denied” message in Linux. Want to read source code ? –download glibc-*.tar.gz from http://ftp.gnu.org/gnu/glibc/ –search system and execve

12 Computer Science CSC 405 LabBy Yuzheng Zhou12 Use setuid() carefully void main() { ….. /* check access permission here */ fd = open("/etc/zzz", O_RDWR | O_APPEND); setuid(500); if (fork()) { /* In the parent process */ ….. } else { /* in the child process */ /* The child process inherit opened file from its parent, and Linux will not check access permission again */ write (fd, "Malicious Data", 14); close (fd); }

13 Computer Science CSC 405 LabBy Yuzheng Zhou13 Lab3 Set-RandomUID Grading (I) Project Design (40 pts, due by Nov. 20) –Idea: your design idea, how you implement the system (15pts) Introduction of the project (what can your program do) (2 points) How do you design your program? (Show us the program modules) (8 points) Why does your program work? (5 points) –Knowledge: your understanding of each functions, components (15pts) List and explain all the related functions and files. (5 points) Comment all the related functions and files to let us understand your program. (bonus: 5 points) You need to attach your code, but you can still change and debug your code until the demo. Answer question 3 (5 points) Answer question 4 (5 points)

14 Computer Science CSC 405 LabBy Yuzheng Zhou14 Lab3 Set-RandomUID Grading (II) –Skill: your communication skills to convince us to buy it (10pts) Does our system more secure by using your program? Why or why not? (5 points) Any other reasons we will buy your program, Ex. is your program easy to install to current system? (5 points). Project Demo (1 or 2 days during Nov.27-30) –Check TA’s faq page around Nov. 20. –Everyone has 10-15 minutes –Show your own test case –Run TA’s test case –Be ready for the questions about the project design and implementation. Bonus (submit online, due by Nov.26) –Award up to 50 bonus points to the identified loopholes, 10 points for each.

Download ppt "Computer Science CSC 405 LabBy Yuzheng Zhou1 CSC 405 Introduction to Computer Security Lab session."

Similar presentations

Linux Users and Groups Management

Linux Users and Groups Management
1 Introduction to UNIX Ke Liu

1 Introduction to UNIX Ke Liu
1 The Attack and Defense of Computers Dr. 許 富 皓. 2 Passwords in Unix/Linux Systems.

1 The Attack and Defense of Computers Dr. 許 富 皓. 2 Passwords in Unix/Linux Systems.
Unix Security Issues Process Creation/Space Users and Groups File Permissions Relationship of Program and File Security.

Unix Security Issues Process Creation/Space Users and Groups File Permissions Relationship of Program and File Security.
Operating Systems Recitation 11, June 9-10, 2002.

Operating Systems Recitation 11, June 9-10, 2002.
Unix Systems Administration 1Y. K. Chang root: the super user 4 The UNIX semigod who can perform privileged tasks: controlling processes, adding devices,

Unix Systems Administration 1Y. K. Chang root: the super user 4 The UNIX semigod who can perform privileged tasks: controlling processes, adding devices,
UNIX Chapter 08 File Security Mr. Mohammad Smirat.

UNIX Chapter 08 File Security Mr. Mohammad Smirat.
Getting Started with Linux Linux System Administration Permissions.

Getting Started with Linux Linux System Administration Permissions.
Linux Security.

Linux Security.
File System Security 1. General Principles Files and folders are managed by the operating system Applications, including shells, access files through.

File System Security 1. General Principles Files and folders are managed by the operating system Applications, including shells, access files through.
O.S security Ge Zhang Karlstad University. Outline Why O.S. security is important? Security schemes in Unix/Linux system Security schemes in windows system.

O.S security Ge Zhang Karlstad University. Outline Why O.S. security is important? Security schemes in Unix/Linux system Security schemes in windows system.
Help session: Unix basics Keith 9/9/2011. Login in Unix lab  User name: ug0xx Password: ece321 (initial)  The password will not be displayed on the.

Help session: Unix basics Keith 9/9/2011. Login in Unix lab  User name: ug0xx Password: ece321 (initial)  The password will not be displayed on the.
8 Shell Programming Mauro Jaskelioff. Introduction Environment variables –How to use and assign them –Your PATH variable Introduction to shell programming.

8 Shell Programming Mauro Jaskelioff. Introduction Environment variables –How to use and assign them –Your PATH variable Introduction to shell programming.
Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.

Managing User Accounts. Module 2 – Creating and Managing Users ♦ Overview ► One should log into a Linux system with a valid user name and password granted.
Chapter 5 Bourne Shells Scripts By C. Shing ITEC Dept Radford University.

Chapter 5 Bourne Shells Scripts By C. Shing ITEC Dept Radford University.
CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security.

CIT 140: Introduction to ITSlide #1 CSC 140: Introduction to IT File Security.
File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)

File Permissions. What are the three categories of users that apply to file permissions? Owner (or user) Group All others (public, world, others)
Let’s look at an example I want to write an application that reports the course scores to you. Requirements: –Every student can only get his/her score.

Let’s look at an example I want to write an application that reports the course scores to you. Requirements: –Every student can only get his/her score.
File Permission and Access. Module 6 File Permission and Access ♦ Introduction Linux is a multi-user system where users can assign different access permission.

File Permission and Access. Module 6 File Permission and Access ♦ Introduction Linux is a multi-user system where users can assign different access permission.
Shell Programming Any command or a sequence of UNIX commands stored in a text file is called a shell program. It is common to call this file a command.

Shell Programming Any command or a sequence of UNIX commands stored in a text file is called a shell program. It is common to call this file a command.

Similar presentations

Ads by Google