Computer Systems Lecture: Process Isolation PDF

Basics of Computer Systems Lecture 6 -- Process Isolation *This lecture* - Process isolation - Why is process isolation required? - How processes communicate with each other? - Inter-Process Communication (IPC) - Definition of IPC - Importance of IPC - Network sockets with examples - Consequences of IPC over Networks *Process isolation* **[A process should not have access to the memory of another process ]** Why? Mostly security and privacy Usually everything is stored in memory If there was no isolation, while you browse a random website, the website could easily read all your passwords, what you are browsing you camera, your microphone, etc. (Although in this example, several layers of isolation are applied in web browsers) *Process isolation (2)* **But if your process has administrator rights (you run a program with "run as administrator" in windows) in may have access to other memory locations belonging to other processes.** [Let's check this interesting example: CheatBurger] There is a tool for cheating (in video games). Let's say the tool's name is CheatBurger. It can easily create cheats for many games, without any programming knowledge. How does it work? Here is the example flow of CheatBurger: 1. You should select the process related to your game. 2. Then it\'ll scan the memory belonging to that process. 3. Go into the game, and for example spend some money. 4. Let\'s say you had 30 dollars, and now you have 20 dollars. 5. Stop the CheatBurger. 6. CheatBurger will detect the changed memory locations. 7. If you can find the place that changed from 30 to 20, you can increase that to anything you want, so you can have infinite money. *Process isolation (3)* Next time be careful when you run a program with admin rights. You don't know what that program does. *Process isolation (4)* We thus try to fully isolate processes. However, it is very common that processes need to communicate with each other, for instance to cooperate on a task. Giving processes in need of communication, admin rights and expecting them to behave well is not a great idea. (and also does not help robustness (stay resilient) So, **how do processes communicate with each other, while maintaining isolation**? *Inter-Process communication (IPC)* **IPC** is a mechanism to **allow safe** and **controlled** communication between processes, while respecting isolation. IPC is provided as a service by operating system, and its available to use by programs. [IPC is a concept not a method ] Developers choose between one or more of the IPC methods cording to their requirements and preferences *Why IPC is important?* - **Security:** it allows safely sharing a resource between processes - **Concurrency:** multiple processes can communicate with each other in a synchronized (harmonized) way to prevent conflicts and race condition - **Modularity:** with proper communication, it is possible to create individual processes that do a sperate task Inter-process communication mechanisms -------------------------------------- - Pipes - Sockets - Shared memory - Message queue ***IPC communality*** The common goal for IPC mechanism is to transfer data from one process to the other ***Network Sockets*** Network sockets allow communication over a network. Network sockets allow communication between processes on different computers (IPC!) Network sockets are commonly built for client-server applications. In a client-server application, the server (waits and) accepts connection from clients. [Network sockets: example: web browser] ***Network sockets: Another example*** Other examples that use network sockets include: - **E-mail**: when we send an e-mail to someone\@somecompany.com, we connect to the mail server of \"some company\" to have our e-mail delivered. - **Gaming**: multiple players connect to the same server to play together in the same game world. - **File sharing**: we connect to another computer to transmit a file. - **Messaging:** a message is sent from a phone to a relay server using a network socket. The relay server delivers the message to the recipient via a network socket. Consequences of IPC over the network ------------------------------------ It is important to be aware that enabling IPC over the network comes with risks and consequences with regard to cybersecurity and cybercrime Essentially, a process running on computer A can now influence process running on computer B A process on computer A could have malicious intent **Let's consider three examples:** ***Denial of service*** Assume computer B provides a public service (like ) - Computer A has a malicious idea, lets send a huge number of requests to computer B! - Computer B now receives so many requests that it cannot answer these in a short time. Computer B becomes unavailable to others! - We refer to this as a [Denial of Service (DOS) attack] ***Denial of Service, another way*** Two weeks ago, we discussed [memory leaks] Assume that we know that a certain operation in a remote computer causes memory leaks. And we ask this remote computer to execute this operation through IPC Then lets send many requests to execute this operation! The memory of the remote computer will fill up and at some point the computer will crash and will no longer be assessable to us but also to others. ***Taking over control*** Another weakness that we discussed were [buffer overflows] Again, assume we know that some program on a remote computer contains such weakness. We can possibly abuse this weakness on the remote computer by sending it a message, so through IPC This is how computers, including smartphones (!), are hacked, infected, infiltrated...

Computer Systems Lecture: Process Isolation PDF

Document Details

Tags

Related

Summary

Full Transcript