Protection Disclaimer: some slides are adopted from book authors - - PowerPoint PPT Presentation



SLIDE 1

Protection

Disclaimer: some slides are adopted from book authors’ slides with permission

SLIDE 2

Recap

  • Distributed computing

– Sharing, performance, reliability

  • Terminology

– Network
– Packet
– Protocol

  • DNS

– A distributed database of domain names and IP addresses

SLIDE 3

Recap: TCP/IP Protocol Layers

[Figure: TCP/IP protocol layers; recovered labels: Ethernet; HTTP, DNS, SMTP, FTP, …]

SLIDE 4

Recap: Sending a Packet

Source: G. Herrin, Linux IP Networking: A Guide to the Implementation and Modification of the Linux Protocol Stack, 2000

SLIDE 5

Today

  • Protection
  • Security

SLIDE 6

Examples of OS Protection

  • Memory protection

– Between user processes
– Between user and kernel

  • File protection

– Prevent unauthorized accesses to files

  • Privileged instructions

– Page table updates
– Cache/TLB updates

SLIDE 7

Principles of Protection

  • Principle of least privilege

– Programs and users should be given just enough privileges to perform their tasks
– Limits the damage if the entity has a bug or is abused

SLIDE 8

Protection Domains

  • Let Di and Dj be any two domain rings
  • If j < i ⇒ Di ⊆ Dj
  • Kernel mode vs. user mode

SLIDE 9

Access Control Matrix

  • Domains in rows

– Domain: a user or a group of users

  • Resources in columns

– File, device, …

E.g., user D1 can read F1 or F3

SLIDE 10

Method 1: Access Control List

  • Each object stores users and their permissions
  • rw-rw-r-- heechul heechul 38077 Apr 23 15:16 main.tex

[Figure labels on the permission bits: owner, group, world]

SLIDE 11

Method 2: Capability List

  • Each domain tracks which objects it can access

– Page table: each process (domain) tracks all pages (objects) it can access

SLIDE 12

Summary

  • Protection

– Prevent unintended/unauthorized accesses

  • Protection domains

– Class hierarchy: root can do everything a normal user can do, plus more

  • Access control matrix

– Domains (Users) ⇔ Resources (Objects)
– Resource oriented: Access control list
– Domain oriented: Capability list
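The two storage methods from the summary, derived from one access control matrix, as an added example that is not part of the original slides. The matrix contents (apart from D1 reading F1 and F3) and all function names are constructed for illustration.

```c
#include <stdio.h>

enum { R = 1, W = 2, X = 4 };           /* rights as bit flags */
enum { NDOM = 3, NOBJ = 3 };

/* Constructed sample matrix (rows D1..D3, columns F1..F3); D1 reads F1, F3 as on slide 9. */
static const unsigned matrix[NDOM][NOBJ] = {
    { R,     0,     R     },            /* D1 */
    { 0,     R | W, 0     },            /* D2 */
    { R | W, 0,     R | X },            /* D3 */
};

struct entry { int id; unsigned rights; };  /* one non-empty cell */

/* Access control list: one column, kept with the object, keyed by domain. */
int build_acl(int obj, struct entry out[NDOM])
{
    int n = 0;
    for (int d = 0; d < NDOM; d++)
        if (matrix[d][obj])
            out[n++] = (struct entry){ d, matrix[d][obj] };
    return n;
}

/* Capability list: one row, kept with the domain, keyed by object. */
int build_caps(int dom, struct entry out[NOBJ])
{
    int n = 0;
    for (int o = 0; o < NOBJ; o++)
        if (matrix[dom][o])
            out[n++] = (struct entry){ o, matrix[dom][o] };
    return n;
}

/* Default deny: no entry for id, or a missing right, means no access. */
int list_allows(const struct entry *list, int n, int id, unsigned want)
{
    for (int i = 0; i < n; i++)
        if (list[i].id == id)
            return (list[i].rights & want) == want;
    return 0;
}

int main(void)
{
    struct entry acl[NDOM], caps[NOBJ];
    printf("ACL of F1: D1 may write? %d\n", list_allows(acl, build_acl(0, acl), 0, W));
    printf("caps of D1: F3 readable? %d\n", list_allows(caps, build_caps(0, caps), 2, R));
    return 0;
}
```

Both lists answer the same question from different sides: the ACL is searched by domain at the object, the capability list by object at the domain.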

SLIDE 13

Security

SLIDE 14

Outline

  • Security basics
  • Stack overflow
  • Some recent security bugs

SLIDE 15

Security

  • A system is secure if its resources are used and accessed as intended under all circumstances

– Unachievable

  • Intruders (crackers) attempt to breach security
  • A threat is a potential security violation
  • An attack is an attempt to breach security

SLIDE 16

Program Threats

  • Stack and Buffer Overflow

– Exploits a bug in a program (overflow either the stack or memory buffers)
– Failure to check bounds on inputs, arguments
– Write past arguments on the stack into the return address on stack
– When routine returns from call, returns to hacked address

  • Points to code loaded onto the stack that executes malicious code

– Unauthorized user or privilege escalation

SLIDE 17

Stack Frame Layout

[Figure: stack frame layout; recovered label: Stack pointer]

SLIDE 18

Code with Buffer Overflow

  • What is wrong in this code?

    #include <string.h>

    #define BUFFER_SIZE 256

    int process_args(char *arg1)
    {
        char buffer[BUFFER_SIZE];

        strcpy(buffer, arg1);   /* copies until the NUL in arg1; no bounds check */
        ...
    }

    int main(int argc, char *argv[])
    {
        process_args(argv[1]);
        ...
    }

SLIDE 19

Code with Buffer Overflow

  • Stack layout after calling process_args()

[Figure: the process_args() code from slide 18 next to the stack layout; recovered label: arg1]

SLIDE 20

Code with Buffer Overflow

  • Do you remember strcpy() in C?

[Figure: the process_args() code from slide 18 next to the stack layout; recovered label: arg1]

SLIDE 21

Let’s Get the Shell

  • Steps

– Compile the code you want to illegitimately execute
– ‘Carefully’ modify the binary
– Pass the modified binary as a string to process_args()

    #include <stdio.h>
    #include <unistd.h>

    int main(int argc, char *argv[])
    {
        char *args[] = { "/bin/sh", NULL };

        execvp("/bin/sh", args);   /* replace this process with a shell */
        return 0;
    }

SLIDE 22

The Attack: Buffer Overflow

[Figure: stack frame before, and after executing strcpy(buffer, arg1) with the crafted string containing the illegitimate code]
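A bounds-checked counterpart to the process_args() code from slide 18, as an added example that is not part of the original slides. The names copy_checked, process_args_checked and the ARG_* codes are hypothetical; the code rejects over-long input instead of truncating it and checks argc before touching argv[1].

```c
#include <stdio.h>
#include <string.h>

#define BUFFER_SIZE 256   /* same size as on the slide */
#define ARG_MISSING  (-1) /* hypothetical error codes, not from the slides */
#define ARG_TOO_LONG (-2)

/* Copy src into dst only if it fits including the terminating NUL.
 * Returns the string length, or a negative code; dst is untouched on error. */
static int copy_checked(char *dst, size_t dstsz, const char *src)
{
    const char *nul;

    if (src == NULL || dstsz == 0)
        return ARG_MISSING;
    nul = memchr(src, '\0', dstsz);     /* look at no more than dstsz bytes */
    if (nul == NULL)
        return ARG_TOO_LONG;            /* no NUL within dstsz: reject, do not truncate */
    memcpy(dst, src, (size_t)(nul - src) + 1);
    return (int)(nul - src);
}

/* Hardened counterpart of process_args() from slide 18. */
int process_args_checked(const char *arg1)
{
    char buffer[BUFFER_SIZE];
    int n = copy_checked(buffer, sizeof buffer, arg1);

    if (n < 0)
        return n;                       /* caller decides how to report it */
    /* ... the original processing would go here, working on buffer ... */
    return (int)strlen(buffer);
}

int main(int argc, char *argv[])
{
    int n;

    if (argc < 2) {                     /* argv[1] is NULL when no argument is given */
        fprintf(stderr, "usage: prog <arg>\n");
        return 2;
    }
    n = process_args_checked(argv[1]);
    if (n < 0) {
        fprintf(stderr, "argument rejected (code %d, limit %d bytes)\n", n, BUFFER_SIZE - 1);
        return 1;
    }
    printf("accepted %d bytes\n", n);
    return 0;
}
```

The largest accepted argument is BUFFER_SIZE - 1 characters, because the terminating NUL occupies the last byte of the buffer.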

SLIDE 23

Linux Kernel Buffer Overflow Bugs

Source: http://www.cvedetails.com/vulnerability-list/vendor_id-33/product_id-47/cvssscoremin-9/cvssscoremax-/Linux-Linux-Kernel.html

212 reported buffer overflow bugs in Linux

SLIDE 24

Linux Kernel Buffer Overflow Bugs