Explain the role of a file name and path in locating a file on a hard drive.
File name selects the right file in the final directory in the path
Path identifies the directory entries to follow to find the file
Describe the four basic access rights for files and other resources in general. (CRUD)
Create - a new instance of the resource
Read - the contents of a particular resource
Update - or write or modify a particular resource
Delete - or destroy an existing resource
Give reasons why a user would protect a file from read or write access by other users.
To ensure that the contents of said file cannot be viewed or tampered with by other users.
or
- to safeguard sensitive information
- prevent unauthorized modifications
- reduce the risk of data breaches or accidental loss
How does the operating system decide what permissions to apply when a user creates a new file?
Systems tend to implement either of two mechanisms to apply initial access rights:
- Default rights: the system applies a standard set of permissions to all files a particular user creates
- Inherited rights: the system applies permissions inherited from one or more enclosing directories
Explain how the four basic access rights of files and directories interact.
These rights determine what users can do to files and directories. Directories tie files together, a file exists because of its directory entry. To delete it, we need to change said directory entry.
Or
The four basic access rights are Create, Read, Update, and Delete (CRUD), and they apply differently depending on whether the object is a file or a directory, but they also interact with each other.
Here’s the interaction:
• Read (R): On a file, it lets you open and view its contents. On a directory, it lets you list the names of files inside.
• Create (C / Write): On a file, it means writing or adding new content. On a directory, it means creating a new file or subdirectory inside it.
• Update (U): On a file, it allows editing the contents. On a directory, it allows modifying directory entries (like renaming a file).
• Delete (D): To delete a file, you need delete rights on the directory that contains it, not just the file itself—because removing a file requires removing its directory entry.
What does it mean to have “Execute” access to a file?
Execute access lets a user run a program file, but it does not imply the right to copy it or visually examine the executable instructions
Also helps distinguish data files from programs
What is “Seek” access and how is it different from “Read” access?
The seek is separate from the read access; it allows the user’s process to search a directory for a particular name in a file’s path, but not to examine the directory as a whole.
The read access allows the user to list the files in a directory and look at file details stored in that directory.
Describe the format of an executable file.
The executable file has a header which contains the magic number, program size, and layout information.
magic number - a standard data value that appears in the first location of the excutable file
program size - indications of the size of the block of machine instructions that make up the program itself
layout information - addresses and offsets to be used to lay out variables and stack locations in the program’s data section
After the header, the rest of the file contains machine instructions.
Why would we restrict access to executable files?
To keep the system safe from unauthorized use, and other forms of malicious activity. Also to protect the system from malware
Describe how a virus operates and spreads.
viruses are carried by programs, when the program executes, the virus spreads to other programs on the computer
Explain the difference between a virus, a worm, and a Trojan
Virus - Infects via program installed by user
Worm - Infects via network connection by exploiting server vulnerabilities
Trojan - Is a malware that first appears benign, but tricks the user into executing it
Or
• Virus – Malicious code that attaches itself to a file or program and spreads when the file is run. Needs human action to activate. • Worm – Self-replicating malware that spreads across networks without user action. • Trojan – Malware disguised as a legitimate program to trick users into installing it, then performs harmful actions.
When we wish to specify file-access rights, which elements serve as subjects and objects in the access matrix?
Subjects = users or processes; Objects = files or resources in the access matrix.
Explain the difference between a default permit policy and one that enforces Deny by Default.
Default permit allows all access except for blocked one.
Deny by default blocks all access unless granted.
Name the two requirements that must remain true in order for an operating system to enforce its policy.
- The OS protections are always applied when we access our files, and
- There is no way to bypass the OS protections
Do most modern operating systems specify file permissions with a “cluster by row” or “cluster by column” strategy?
Most use a “cluster by row” (list all rights for each subject) approach.
Summarize the information needed to specify a file’s access rights using permission flags
- sets of flags to specify access rights (read, write, and execute)
- a set of flags for each type of process
- processes belonging to the file’s owner
- processes belonging to the system
- processes belonging to others - the world
Describe the differences between an access matrix and a table of compact access rules.
Access matrix has users in rows and files in columns, with each intersection showing the users rights
Table of compact access rules have columns for file types, the owner, world access, and requirements
Explain how the Morris worm took advantage of a failure to use Least Privilege.
It exploited the fact that Unix systems ran processes with the “root” user identity.
Describe the components of a state diagram.
- Storage state - the information is stored and is not currently being processed. We also call this state “data at rest.”
- Processing state - the information is being used by an active process to make decisions or to transform the information into another form. This is “data in use.”
- Transmission state - the information is being moved from one storage area to another. This is “data in motion.
List the typical steps a vendor follows to release a software patch.
- colect error reports
- prioritize errors and assign for investigation
- the engineer develops a fix for the software program
- another engineering team reviews proposed bug fixes for release in an upcoming patch
- test the patch
- release the patch
Explain two different situations in which a window of vulnerability might arise.
- A black hat constructs a zero-day exploit.
- when we install new software from a DVD or other distribution media.
not sure
When we look in our directories at the files, we distinguish between two file types
- Data files, like a word-processing file containing an essay, a spreadsheet, or a configuration file used by a program or the operating system
- Executable files that contain application programs or other programs.
explain the contents of the file header of executable file types
- magic number - a standard data value that appears in the first location of the executable file.
- program size - indications of the size of the block of machine instructions that make up the program itself.
- layout information - addresses and offsets to be used to lay out variables and stack locations in the program’s data section.
common types of executable files
- application programs
- operating system kernel
- device drivers
- shared libraries
