Minix Security
Essay by review • December 1, 2010 • Study Guide • 437 Words (2 Pages) • 793 Views
To Design and implement the set- Random UID mechanism.
Lab Report .
Step 1.
The unused sticky bit in the permission field of the I-node data structure (defined in /usr/src/fs/inode.h) is used. This sticky bit is disabled in the usr/include/minix/const.h
To enable set random uid mechanism :
We have to enable the sticky bit , say, for a file
chmod +t filename
I made a file fd.c in which I was editing another text file named tested txt.
Both fd and tested.txt are owned by a normal user t2.
chmod +t fd
Following is the code for the program, with permissions 765 which can write malicious data into a text file tested.txt
-----------------------------------------------------------------------------------------------------------
fd.c
#include
#include
#include
#include
#include
#include
main(void)
{
int fd;
setuid(getuid());
/*setgid(getgid());*/
fd=open(ÐŽ§/cs/tested.txtÐŽÐ, O_RDWR | O_APPEND);
if (fork())
{
close(fd);
exit(0);
}
else
{
write (fd, ÐŽ§n yes I can write
...
...