CSIT-460 Computer Security - Lecture 04

Flashcards covering Windows file permissions, Unix file permissions, SetUID, User IDs, and Privileged Programs.

What is the purpose of the Windows file permissions system?

To control access to files and folders by allowing administrators to specify which users or groups can access an object and what actions they can perform.

What are some standard permission types in Windows for files and folders?

Full Control, Modify, Read & Execute, List Folder Contents, Read, and Write.

What is the purpose of Unix file permissions?

To provide a simplified form of access control, specifying who can read, write, or execute each file or directory.

What are the three user classes in Unix file permissions?

Owner, Group, and Others (All).

What are the permission types in Unix file permissions?

Read (r), Write (w), and Execute (x).

How are Unix file permissions represented?

Symbolically (e.g., rw-r-----) or numerically (e.g., 640).

What does SetUID allow a program to do?

Run with the file owner's permissions, not the person running it.

What happens when SetUID is set for a program?

The system temporarily uses the owner's user ID for that process.

What User ID (UID) does the root user have in Linux?

0

What is the range of User IDs (UID) for regular users in most Linux systems?

Greater than or equal to 1000.

What is the purpose of privileged programs?

To enforce fine-grained access control in operating systems as extensions.

What are two types of privileged programs?

Daemons and Set-UID Programs.

What is a daemon?

A computer program that runs in the background and often needs to run as root or other privileged users.

What does the 'sudo' command allow?

Privilege escalation.

What is the Set-UID bit?

A special marking that allows a user to run a program with the program owner’s privilege.

What are the two User IDs every process have?

Real UID (RUID) and Effective UID (EUID).

How to enable Set-UID?

Using chmod 4 7 5 5 command

What is the process of privilege escalation vulnerabilities?

When an attacker exploits a bug, design flaw or configuration oversight in an operating system or application to gain elevated access to resources that are normally protected from an application or user.