The Shell
the first token is the name of a program, run it

The Shell has two problems to solve:
1. it must find the program
2. it must create a new process to run it

The first problem is to uniquely identify the program the user wants to run.
There may be many executables named ls. How do we choose?
Maybe look in the current directory?

The Shell

The shell maintains an array of strings, called the environment.
Each string looks like: name=value
By convention name is capitalized (completely).
There are no embedded spaces.
Try these:

export name=value
export AAA=23hello
echo $name
echo $AAA
env

The Shell: solving problem 1, find the executable

Each string represents an environment variable.
The PATH environment variable contains a colon-separated list of directories.
They are searched in order to find the executable to run.

The Shell: solving problem 2, start a new process

The second problem is how to create a new process.

fork() - duplicate me
exec(newProgram) - replace me with newProgram
system(str) wraps the two up, runs a shell, gives it str
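An added example (not from the original slides) of the three calls above in C: spawn_and_wait() does the fork/exec/wait sequence, and my_system() shows what system(str) wraps up. Both function names are made up for this sketch, and /bin/sh is assumed to exist.

```c
/* Added example; spawn_and_wait/my_system are illustrative names. */
#include <stdio.h>
#include <stdlib.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Run argv[0] (an absolute path, so no PATH search happens) in a child
 * process and return its exit status, or -1 on failure. */
int spawn_and_wait(char *const argv[])
{
    int status;
    pid_t pid = fork();              /* "duplicate me" */
    if (pid < 0)
        return -1;                   /* fork failed, no child exists */
    if (pid == 0) {
        execv(argv[0], argv);        /* "replace me with newProgram" */
        _exit(127);                  /* only reached if exec failed */
    }
    if (waitpid(pid, &status, 0) < 0)    /* parent waits for the child */
        return -1;
    return WIFEXITED(status) ? WEXITSTATUS(status) : -1;
}

/* What system(str) wraps up: fork, then exec a shell and give it str. */
int my_system(const char *str)
{
    char *const argv[] = { "/bin/sh", "-c", (char *)str, NULL };
    return spawn_and_wait(argv);
}

int main(void)
{
    int rc = my_system("echo hello from the child; exit 7");
    printf("child exit status: %d\n", rc);
    return 0;
}
```

Because the shell is named by absolute path here, PATH plays no part in finding it; any program names inside str are still looked up through PATH by that shell.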

Compiling and running a program

Say your code is in the file program1.c, compile it into an executable like this:
cc -o prog1 program1.c
The name after the -o flag (prog1) is what you want the executable to be named.
The convention is to name it the same as the source code, but you can name it anything you like.

Assuming no errors, after compiling like this:
cc -o prog1 program1.c
You have a new file named prog1 which contains the executable.
Run it like you would run any other program:
$ prog1
Make sure your PATH environment variable is correct, or use:
$ ./prog1

$ cc -o prog1 program1.c        ;compile it
$ prog1 -l hi9                  ;run it

//prints out the incoming command line arguments
#include <stdio.h>      /* What is this about? */
int main(int argc, char **argv, char **envp)
{
    int i;
    for (i = 0; i < argc; i++)
        printf("%s\n", argv[i]);
    return 0;
}

Macro preprocessor - handles #includes, #defines, etc.
definitions and type info
translation (compile)
linker
loader
lexical, syntactical, code gen
ln
ld

#include
cc -I /home/rjoyce9 -L/home/rjoyce9 -o prog prog.c
#include vs libraries
static libraries vs dynamic libraries
-lm

run time stack

implements function call/return mechanism, frames
storage ebbs and flows in perfect synchrony with function nesting
a big and common target
Obvious, but also not: attackers can't change things on your stack directly. They must induce your code to make the evil changes for them.

Heap

not the data structure
used for dynamic storage
platform dependent details
a harder target, but still a target
heap spraying

The Shell

this is the memory in your computer
/dev/mem (just another series of bytes)
(details of solving problem #2)

The Shell

exec() replaces a segment for one program with a segment for another
the CPU constantly jumps among all the currently running processes, giving each a time slice, so it looks like they are all running concurrently
another example of tricking the human by operating beneath the level of what we can resolve

The Shell

command line
redirection
wait or don't wait
nohup
pipes

Some commonly used commands

Bundle, compress, transmit              tar, gzip, scp
Where in the file system am I?          pwd
find a file                             find
show a file (catenate)                  cat
page through a file                     more, less
get the first/last N                    head, tail
change file owner, group                chown, chgrp
look in the manual                      man
find something in a file                grep
who's logged in, doing what?            who, w
halt, reboot machine, now/later         shutdown
change a password                       passwd
run a program later/periodically        crontab -e
graft a subtree into the filesystem     mount
kernel funcs to create processes        fork(2), exec(2)

The Trojan Horse Problem

Consider the PATH search mechanism used by the shell.
Or any such scheme used to get a program, a library, a value for a variable, etc.
If you put a phony one in the search path ahead of the real/expected one, you have created a Trojan.
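An added example (not from the original slides) of checking for this condition: it walks a PATH string in order, as the shell does, and reports whether an entry that someone else could populate (empty, relative such as ".", or group/world-writable) is searched at or before the first match. The names risky_entry() and audit_lookup() are made up for this sketch.

```c
/* Added example; risky_entry/audit_lookup are illustrative names. */
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* A PATH entry is risky if it is empty or relative (both resolve against
 * the current directory) or if group/other users can write to it. */
int risky_entry(const char *dir)
{
    struct stat st;
    if (dir[0] != '/')
        return 1;                    /* "", ".", "bin", ... */
    return stat(dir, &st) == 0 && (st.st_mode & (S_IWGRP | S_IWOTH)) != 0;
}

/* Search path in order, as the shell does, copying the first match for cmd
 * into hit. Returns -1 if cmd is not found, 1 if a risky entry is searched
 * at or before the match (a phony cmd there would win), 0 otherwise. */
int audit_lookup(const char *cmd, const char *path, char *hit, size_t n)
{
    int risky = 0;
    for (const char *p = path;; p += strcspn(p, ":") + 1) {
        size_t len = strcspn(p, ":");
        char dir[1024];
        struct stat st;
        snprintf(dir, sizeof dir, "%.*s", (int)len, p);
        risky |= risky_entry(dir);
        snprintf(hit, n, "%s/%s", len ? dir : ".", cmd);
        if (stat(hit, &st) == 0 && S_ISREG(st.st_mode) && access(hit, X_OK) == 0)
            return risky;
        if (p[len] == '\0')
            break;
    }
    hit[0] = '\0';
    return -1;
}

int main(int argc, char **argv)
{
    const char *cmd = argc > 1 ? argv[1] : "ls", *path = getenv("PATH");
    char hit[2048];
    int r = audit_lookup(cmd, path ? path : "", hit, sizeof hit);
    printf("%s -> %s%s\n", cmd, r < 0 ? "not found" : hit,
           r == 1 ? "  [risky entry searched first]" : "");
    return 0;
}
```

A result of 1 does not mean a phony program is present, only that the search order would let one win if it were planted.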

Consider: PATH=.:/bin:/usr/bin:/sbin
And a program named ls in the current directory, but this ls silently does something nefarious in addition to showing file listings.
Conditions for a Trojan?

Other PATH-like things:
CLASSPATH
PYTHONPATH
MANPATH
MS_ADDIN
LD_LIBRARY_PATH
Many application defined examples
PATH is sometimes a list, sometimes a singleton

LD_LIBRARY_PATH
LOAD_WITH_ALTERED_SEARCH_PATH and the world of Microsoft
c-link-library-search-order

Online *nix tutorial

Review.3, are these comfortable?

A bit is a 1 or a 0
A nibble is 4 bits
A byte is two nibbles
Decimal, binary, octal, hex, literals
A file is a stream of bytes
Everything is a file
A file has associated meta information
Permissions, rwx, owner/group/world
User id bit, Group id bit, Sticky bit
Processes, creating fork(), exec(), tree organization
CPU role
HIDs (human interface devices)
Shell
Environment
PATH and PATH-like
The problem of Trojans
(These can be a little fuzzy/abstract at this point)

The program called man is your interface to the *nix manual

Understand

the format of a page
command line arguments
behavior
return values
possible errors
the different sections
1 - programs you can run (run it from the command line)
2 - system calls (2,3 are functions to call from your code)
3 - libc (+) functions (2=kernel calls, 3=library calls)
4 - special files
5 - file formats
8 - sys admin stuff

Summary, our list of unifying concepts

The file and folders GUI metaphor, and how it relates to command line syntax
A file is a stream of bytes, and everything is represented as a file
Files have meta-level information
The command line interface is alive and well
Files are arranged in trees (graphs)
A ready-to-run program is a process
The main interactive interface to the machine is called a shell
OS structure sections 1, 2, 3 of the manual

Introduction to Information Security

We looked at the heterogeneity and vastness of the problem, so where do we start, how do we carve it up?

Science is real, but not true,
Math is true, but not real. - me

Cave kids and quantum fields

ways to slice it

NETWORK SERVERS: provide service to remote client programs (e.g., web server; database management system)
USER LEVEL PROGRAMS
User programs: running with nonadmin privileges (e.g., Word processors)
System programs: running with admin (or root) privileges, e.g., msconfig.sys; useradd
OPERATING SYSTEM KERNEL: programs running with kernel (RING 0) privileges. Examples: Device drivers; DLLs (dynamic linked libraries) and loadable kernel modules (in UNIX/Linux).

On a computer
Network Security
Over a network

Networking & Security

The need for security: computing or communicating in the presence of adversaries.
These days it is taken to mean a network of computing devices dealing in digitized information.

A high level way to think about it all starts with vocabulary

CIA
(isn't that clever? words are more true when they rhyme
And when they're arranged in acronyms and sound bites)
Confidentiality
Integrity
Availability

1. Policy
2. Threat model
3. Mechanism

1 - Policy

Policy: the goals you wish to achieve
what I want my system to be able to do
only I can change the file with grades

security policy

What activities or events should be prevented/detected?
Who are the actors or participants (maybe in terms of their roles)?
Give/withhold permission on classes/instances of object

security policy

security policies try to achieve
Confidentiality: information should not be disclosed to unauthorized parties
Integrity: information should not be modified in an unauthorized manner
Availability: system or resource shall be available for use as intended

Security mechanism

security policy

In practice computer systems are often compromised
break-ins are pretty commonplace
Build a file system
make sure I can access the student information
check - yep, I can access it

security policy

But in the negative form:
AND nobody else can access it
That's a much harder problem
what can an unknown, potentially infinite set of attackers do?
you can't prove a negative
FALSE (but also kind of true)

security policy

achieving desired behavior
vs
Preventing undesired behavior
Different way of thinking

security policy

The right set of assumptions is not so easy
Iterative process after each failure

Threat Model

2. Threat model
a set of assumptions about the bad guy
if the bad guy is omniscient, you can't get anywhere
Bad guy does not have my password, or my laptop, or keys
Not that easy to articulate in a precise way

Threat Model

Who is your enemy?
What do they know?
What do they have?

Mechanism

3. Mechanism
stuff that will let us achieve our goals under the assumption
(stuff = mostly software and hardware)

Mechanism

A security mechanism/control: a component, technique, or method for attempting to implement a security policy.

Mechanism

Security mechanisms are typically about
Prevention: don't let anyone break the policy
Detection/Recovery: detect when policy is violated, maybe fix it
User authentication vs user identification

Mechanism

Security mechanisms may involve:
Identification of principals (e.g. user name)
Authentication of principals (e.g. password, biometric)
Authorization: checking to see if principal is authorized for requested action
Physical protection: locks, enclosures
Logical protection: correct software

How security goes wrong

In practice, people get all three wrong

security policy

Policy gone wrong

Policy - you must know the password to log in
Password recovery
we'll email you a link to reset it
answer these security questions to reset it

security policy

But now I changed the policy to
know the password, or
know the answers to these questions, or
have access to the backup email
to log in

Threat Model gone wrong

Threat models that assume secure human behavior and/or specific adversary behavior
Needs to be balanced against realism

Mechanism

Most of the 1000+ per month on the NVD
Let me count the ways, they've gone wrong
Aapl
Citi
Java SecureRandom()
SSL certificate
C based browser
Buffer overflow
Check out openssl source code
