Access Control
privilege
How does your code manage who has access to what?
authorization
permission
Two OS models:
Unix
Windows
Access Control in Unix/Linux
Every user …
has a unique UID (positive integer)
belongs to one or more groups
can ____ resources (files)
Every file/resource …
stores permissions for owner, group & world
potential permissions are _______
other possibilities: sticky bit, setUID, setGID
User 0 -- ______
The sticky bit
One bit of file/dir permission is dedicated as the sticky bit.
Such bits are no longer used for files
Some directories have the “sticky bit” property
Example:
Any user can write to such a directory. If you create new files, you are the owner and have wr permission and the world has r permission.
Processes in Unix
Executing a file initiates process execution.
process permissions normally derive from the owner
any created file has permissions determined by umask
To ______ permissions …
execute a process from an owner with lesser privilege
A forked process/thread inherits permissions.
To ________ permissions …
setUID, setGID
If the setUID bit is set on an executable file, then when the file executes it assumes the permissions of the file’s owner for the duration of this file’s execution.
The rule is not to elevate privilege any more than necessary.
EUID executing file’s owner
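Added example (not from the original slides): Python code that reads the setUID, setGID and sticky bits from a file mode, applies a umask to a requested mode, and walks a directory tree to report setUID files and world-writable directories that lack the sticky bit. The function names are illustrative.

```python
import os
import stat

def special_bits(mode):
    """Names of the setUID / setGID / sticky bits set in an st_mode value."""
    names = ((stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"),
             (stat.S_ISVTX, "sticky"))
    return [name for bit, name in names if mode & bit]

def created_mode(requested, umask):
    """Permissions a new file actually gets: requested bits minus the umask."""
    return requested & ~umask & 0o7777

def audit(root):
    """Walk root and return sorted (path, finding) pairs for review."""
    report = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: inspect the entry, not a symlink target
            bits = special_bits(st.st_mode)
            # A setUID executable runs with the EUID of the file's owner.
            if stat.S_ISREG(st.st_mode) and "setuid" in bits:
                report.append((path, f"setuid: runs with EUID {st.st_uid}"))
            # World-writable directory with no sticky bit protecting entries.
            if (stat.S_ISDIR(st.st_mode) and st.st_mode & stat.S_IWOTH
                    and "sticky" not in bits):
                report.append((path, "world-writable directory without sticky bit"))
    return sorted(report)

if __name__ == "__main__":
    print(oct(created_mode(0o666, 0o022)))  # requested rw-rw-rw-, umask 022
    for path, finding in audit("."):
        print(path, "-", finding)
```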
Access Control in Windows
When a user is authenticated, Windows produces an access token containing:
the user’s _____
a list of group SIDs – one _____ per group
A special kind of token (impersonation token) can be granted to services when they are authorized.
A copy of the access token is attached to every process and thread the user executes.
Windows Resources
Many objects are thought of as resources:
files / directories
registry keys
shared memory
job objects (processes)
mutexes, named pipes, semaphores
printers
active directory objects
Permissions vary by resource type.
ACLs
Discretionary Access Control List (DACL)
– every resource has one
– DACL is a list of Access Control Entries (ACEs)
Access Control Entry (ACE) contains 1) 2) 3)
An object can have both explicit and inherited ACEs.
Algorithm for authorizing: follow the DACL for the first ACE to ALLOW or DENY matching one of the SIDs in the access token
ACEs are ordered by explicit collection before inherited and following inheritance tree. Within each collection all DENY precede all ALLOW
Example
xFile inherits from xParent, which inherits from xGParent
SID2X-DENY
SID2R-DENY
SID5R-DENY
SID5X-DENY
SID3W-ALLOW
SID2R-ALLOW
SID4W-ALLOW
SID3W-DENY
SID4X-ALLOW
Authorization requests:
Write to xFile access token: SID3 & SID4
Write to xFile access token: SID2 & SID4
Read from xFile access token: SID2 & SID5
Execute from xFile access token: SID2, SID3, SID4 & SID5
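Added example (not from the original slides): the ACE ordering and first-match rule from the ACLs slide, applied to the four authorization requests above. The diagram layout did not survive extraction, so the assignment of ACEs to xFile, xParent and xGParent is an assumption, as are the function names; a request with no matching ACE is treated as not granted.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class ACE:
    sid: str
    right: str    # "R", "W" or "X"
    allow: bool   # True = ALLOW, False = DENY

def parse(label):
    """Turn a slide-style label such as 'SID2X-DENY' into an ACE."""
    subject, kind = label.split("-")
    return ACE(subject[:-1], subject[-1], kind == "ALLOW")

def ordered_dacl(collections):
    """collections: explicit ACEs first, then each ancestor's, nearest first.
    Within each collection every DENY is placed before every ALLOW."""
    dacl = []
    for aces in collections:
        dacl += sorted(aces, key=lambda ace: ace.allow)  # stable; DENY first
    return dacl

def authorize(dacl, token_sids, right):
    """The first ACE naming a token SID and the requested right decides."""
    for ace in dacl:
        if ace.sid in token_sids and ace.right == right:
            return ace.allow
    return False  # no matching ACE: nothing grants the access

# ASSUMPTION: which ACE sits on which object is not recoverable from the
# slide text; this three-per-object split is constructed for illustration.
X_FILE = [parse(s) for s in ("SID2X-DENY", "SID2R-DENY", "SID5R-DENY")]
X_PARENT = [parse(s) for s in ("SID5X-DENY", "SID3W-ALLOW", "SID2R-ALLOW")]
X_GPARENT = [parse(s) for s in ("SID4W-ALLOW", "SID3W-DENY", "SID4X-ALLOW")]
DACL = ordered_dacl([X_FILE, X_PARENT, X_GPARENT])

def run_requests():
    """Evaluate the slide's four requests, in the order listed."""
    requests = [("W", {"SID3", "SID4"}), ("W", {"SID2", "SID4"}),
                ("R", {"SID2", "SID5"}),
                ("X", {"SID2", "SID3", "SID4", "SID5"})]
    return [authorize(DACL, sids, right) for right, sids in requests]

if __name__ == "__main__":
    print(run_requests())
```

Under this assumed layout the first request is allowed by xParent's SID3 W-ALLOW even though xGParent carries SID3 W-DENY, because the nearer collection is evaluated first.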
File Permissions in Windows
Full control – read, write, modify, execute, change attributes/permissions and/or take ownership
Modify – read, write, modify, execute and/or change attributes
Read & execute – display file content, view attributes/owner/permissions and/or execute
Read – display file content and/or view attributes/owner/permissions
Write – write file content, append to file and/or read/change file attributes
Windows advantages:
 - finer user granularity (Administrator & operator groups)
 - ACEs can specify many groups, not just one
 - allows for variation in permissions by object type
Windows disadvantage:
 - complexity
Other Access Control Systems
Programming languages may or may not provide full access
network security – see CS455
Web access control?
cookies