Modern Operating Systems by Herbert Bos ...
Modern_Operating_Systems_by_Herbert_Bos_and_Andrew_S._Tanenbaum_4th_Ed.pdf-M ODERN O PERATING S YSTEMS
CHAP. 9 PROBLEMS
27. After getting your degree, you apply for a job as director of a large university computer center that has just put its ancient mainframe system out to pasture and switched over to a large LAN server running UNIX. You get the job. Fifteen minutes after you start work, your assistant bursts into your office screaming: “Some students have discovered the algorithm we use for encrypting passwords and posted it on the Internet.” What should you do?
28. The Morris-Thompson protection scheme with n-bit random numbers (salt) was designed to make it difficult for an intruder to discover a large number of passwords by encrypting common strings in advance. Does the scheme also offer protection against a student user who is trying to guess the superuser password on his machine? Assume the password file is available for reading.
29. Suppose the password file of a system is available to a cracker. How much extra time does the cracker need to crack all passwords if the system is using the Morris-Thompson protection scheme with n-bit salt versus if the system is not using this scheme?
30. Name three characteristics that a good biometric indicator must have in order to be useful as a login authenticator.
31. Authentication mechanisms are divided into three categories: Something the user knows, something the user has, and something the user is. Imagine an authentication system that uses a combination of these three categories. For example, it first asks the user to enter a login and password, then insert a plastic card (with magnetic strip) and enter a PIN, and finally provide fingerprints. Can you think of two drawbacks of this design?
32. A computer science department has a large collection of UNIX machines on its local network. Users on any machine can issue a command of the form
    rexec machine4 who
and have the command executed on machine4, without having the user log in on the remote machine. This feature is implemented by having the user’s kernel send the command and his UID to the remote machine. Is this scheme secure if the kernels are all trustworthy? What if some of the machines are students’ personal computers, with no protection?
33. Lamport’s one-time password scheme uses the passwords in reverse order. Would it not be simpler to use f(s) the first time, f(f(s)) the second time, and so on?
34. Is there any feasible way to use the MMU hardware to prevent the kind of overflow attack shown in Fig. 9-21? Explain why or why not.
35. Describe how stack canaries work and how they can be circumvented by the attackers.
36. The TOCTOU attack exploits a race condition between the attacker and the victim. One way to prevent race conditions is to make file system accesses transactions. Explain how this approach might work and what problems might arise.
37. Name a C compiler feature that could eliminate a large number of security holes. Why is it not more widely implemented?
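Added example for Problem 33 (not from the book): a small model of Lamport's hash-chain login that lets you compare the reverse order with the forward order the problem proposes. SHA-256 as f, the indexing of the chain, and all function and variable names are assumptions made for this sketch.

```python
import hashlib
import hmac

def f(x: bytes) -> bytes:
    # One-way function f; SHA-256 is an assumption, the problem only names f.
    return hashlib.sha256(x).digest()

def f_iter(s: bytes, k: int) -> bytes:
    # Apply f to s k times.
    for _ in range(k):
        s = f(s)
    return s

class Server:
    # Holds only the most recently accepted value, never the secret s.
    def __init__(self, initial: bytes):
        self.stored = initial

    def login(self, otp: bytes) -> bool:
        # Accept iff one application of f maps the offered value to the stored one.
        if not hmac.compare_digest(f(otp), self.stored):
            return False
        self.stored = otp  # the next login must present the preimage of this value
        return True

def reverse_order_logins(s: bytes, n: int) -> list:
    # Server starts with f^(n+1)(s); login i presents f^(n+1-i)(s).
    server = Server(f_iter(s, n + 1))
    return [server.login(f_iter(s, n + 1 - i)) for i in range(1, n + 1)]

def replay_accepted(s: bytes, n: int) -> bool:
    # Offer the first one-time password twice and report the second result.
    server = Server(f_iter(s, n + 1))
    otp = f_iter(s, n)
    server.login(otp)
    return server.login(otp)

def next_derivable(observed: bytes, next_otp: bytes) -> bool:
    # Can someone who saw one password obtain the next just by applying f?
    return hmac.compare_digest(f(observed), next_otp)

SECRET = b"constructed-demo-secret"  # constructed sample value
N = 4

if __name__ == "__main__":
    print("logins:", reverse_order_logins(SECRET, N))
    print("replay accepted:", replay_accepted(SECRET, N))
    print("reverse:", next_derivable(f_iter(SECRET, N), f_iter(SECRET, N - 1)))
    print("forward:", next_derivable(f_iter(SECRET, 1), f_iter(SECRET, 2)))
```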

