The isolation of potentially misbehaving applications and users so that they do not corrupt other applications or the operating system itself
operating system kernel
The kernel is the lowest level of software running on the system, with full access to all of the capabilities of the hardware
process
The execution of an application program with restricted rights—the abstraction for protection provided by the operating system kernel
executable image
File containing a sequence of machine instructions and initial data values for a program
process control block
A data structure that stores all the information the operating system needs about a particular process: e.g., where it is stored in memory, where its executable image is on disk, which user asked it to start executing, and what privileges the process has
dual mode operation
Hardware processor that has (at least) two privilege levels: one for executing the kernel with complete access to the capabilities of the hardware and a second for executing user code with restricted rights
privileged instruction
Instruction available in kernel mode but not in user mode
What are the four subsections of the process memory shown in Figure 2.2? (10 pts.)
Machine instructions, data, heap, and stack.
Are the base and bound registers used to enforce protection in both user and kernel modes? (10 pts.)
No, they are only used in user mode
What is a benefit of address randomization? (see slides, 10 pts.)
It can help defeat certain types of buffer overflow attacks.