Operating System Security
18 Questions
0 Views

Choose a study mode

Play Quiz
Study Flashcards
Spaced Repetition
Chat to lesson

Podcast

Play an AI-generated podcast conversation about this lesson

Questions and Answers

What is the primary goal of protection in a system?

  • To ensure optimal system performance
  • To provide maximum privileges to users and programs
  • To increase system complexity
  • To prevent malicious misuse of the system (correct)

    • What principle dictates that programs, users, and systems be given just enough privileges to perform their tasks?

  • Principle of equal privilege
  • Principle of maximum privilege
  • Principle of least privilege (correct)
  • Principle of absolute privilege

    • What is the recommended practice for a System Administrator's account?

  • Have a separate ordinary account for normal activities (correct)
  • Use a separate account for administrative tasks only
  • Share a single account with other administrators
  • Use the root account for normal day-to-day activities

    • What is the main principle that guides the access control mechanism in a system?

    <p>Need-to-know principle</p> Signup and view all the answers

    What is a computer viewed as in the context of protection?

    <p>A collection of processes and objects (both HW &amp; SW)</p> Signup and view all the answers

    What is a protection domain in the context of access control?

    <p>A set of objects and their corresponding access rights</p> Signup and view all the answers

    What is the purpose of giving a program special privileges, such as making it a SGID program?

    <p>To limit the amount of damage that can occur if something goes wrong</p> Signup and view all the answers

    What is a potential issue with the use of SUID programs?

    <p>They can be placed in random directories around the system</p> Signup and view all the answers

    What is the main purpose of using special directories for privileged programs?

    <p>To prevent crackers from placing SUID programs in random directories</p> Signup and view all the answers

    What is an access right in the context of access control?

    <p>The ability to execute an operation on an object</p> Signup and view all the answers

    What is the purpose of giving each user their own account?

    <p>To limit users to modifying only their own files</p> Signup and view all the answers

    What is required to change the contents of a domain dynamically in a system with static domain association?

    <p>A mechanism for domain switching</p> Signup and view all the answers

    In the MULTICS system, what determines the access privileges of a process?

    <p>The current-ring-number associated with the process</p> Signup and view all the answers

    In UNIX, how are domains realized?

    <p>As users</p> Signup and view all the answers

    What is the consequence of a process operating in a particular ring in the MULTICS system?

    <p>It can access segments associated with higher rings</p> Signup and view all the answers

    What is the effect of setting the SUID bit on a program in UNIX?

    <p>Changes the user ID temporarily</p> Signup and view all the answers

    What is the primary principle underlying the MULTICS system's access control mechanism?

    <p>Need-to-know principle</p> Signup and view all the answers

    What is the benefit of using a ring structure in the MULTICS system?

    <p>It allows for finer-grained access control</p> Signup and view all the answers

    Study Notes

    Goals of Protection

    • Prevent malicious misuse of the system by users or programs
    • Ensure shared resources are used according to system policies
    • Minimize damage caused by errant programs

    Principles of Protection

    • Principle of least privilege: grant only necessary privileges to perform tasks
    • Limit potential damage by giving minimal privileges
    • Each user has their own account with limited privileges
    • Root account should not be used for normal activities

    Domain of Protection

    • A computer system consists of processes and objects (HW & SW)
    • Objects can be abused if not protected
    • Alternative protection methods: placing privileged programs in special directories or using privileged daemons

    MULTICS System

    • Uses a ring structure with 7 rings, each corresponding to a protection domain
    • Each ring has a subset of privileges of the inner rings
    • Files are memory segments with ring numbers and access privileges
    • Processes run in a ring and can only access segments in higher rings

    Need to Know Principle

    • A process should only have access to necessary objects
    • Access should be limited to necessary modes and time frames
    • Modes available depend on object type

    Domain Structure

    • A protection domain specifies accessible resources and operations
    • Defined as a set of pairs
    • Domains can be disjoint or overlapping
    • Association between process and domain can be static or dynamic

    Studying That Suits You

    Use AI to generate personalized quizzes and flashcards to suit your learning preferences.

    Quiz Team

    Description

    This quiz covers the concept of the need-to-know principle in operating system security, including protection domains and access control.

    More Like This

    Use Quizgecko on...
    Browser
    Open
    Browser
    Browser