DM510
Week 19 | DM510

Weekly Notes for Week 19

In Week 19 we start the discussion of chapters 16 (Security). The Tuesday lecture will only be 45 minutes (ending at 13.00)

Tutorial Session Week 19

Please prepare for week 19 the following exercises:

Chapter 15

  1. (repetition) Explain how the VFS layer allows an operating system to support multiple types of file systems easily.

  2. Why have more than one file system type on a given system?

  3. On a Unix or Linux system that implements the procfs file system, determine how to use the procfs interface to explore the process name space. What aspects of processes can be viewed via this interface? How would the same information be gathered on a system lacking the procfs file system?

  4. Why do some systems integrate mounted file systems into the root file system naming structure, while others use a separate naming method for mounted file systems?

  5. Given a remote file access facility such as ftp, why were remote file systems like NFS created?

  6. (important, specifically (b)) Given a mounted file system with write operations underway, and a system crash or power loss, what must be done before the file system is remounted if: (a) The file system is not log-structured? (b) The file system is log-structured?

  7. Why do operating systems mount the root file system automatically at boot time?

  8. (important) Why do operating systems require file systems other than root to be mounted?

Chapter 16

  1. (important) Buffer-overflow attacks can be avoided by adopting a better programming methodology or by using special hardware support. Discuss these

  2. (important) What is the purpose of using a “salt” along with a user-provided password? Where should the salt be stored, and how should it be used? Answer:

  3. (important) An experimental addition to UNIX allows a user to connect a watchdog program to a file. The watchdog is invoked whenever a program requests access to the file. The watchdog then either grants or denies access to the file. Discuss two pros and two cons of using watchdogs for security.

  4. Make a list of six security concerns for a bank’s computer system. For each item on your list, state whether this concern relates to physical, human, or operating-system security.

  5. What commonly used computer programs are prone to man-in-themiddle attacks? Discuss solutions for preventing this form of attack.

  6. (important) Why doesn’t $D_{kd,N} (E_{ke,N} (m))$ provide authentication of the sender? To what uses can such an encryption be put?

  7. (important) Mobile operating systems such as iOS and Android place the user data and the system files into two separate partitions. Aside from security, what is an advantage of that separation?