DOCSLIB.ORG

A Portable User-Level Approach for System-Wide Integrity Protection†

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
A Portable User-Level Approach for System-Wide Integrity Protection† A Portable User-Level Approach for System-wide Integrity Protectiony Wai-Kit Sze and R. Sekar Stony Brook University Stony Brook, NY, USA ABSTRACT • Difficulty of secure policy enforcement. Non-bypassable poli- In this paper, we develop an approach for protecting system in- cies usually have to be enforced in the OS kernel. They are usu- tegrity from untrusted code that may harbor sophisticated malware. ally much harder to develop than user-level defenses. Moreover, We develop a novel dual-sandboxing architecture to confine not kernel-based solutions cannot be easily ported across different only untrusted, but also benign processes. Our sandboxes place OSes, or even different versions of the same OS. only a few restrictions, thereby permitting most applications to An alternative to sandboxing is isolated execution of untrusted code. function normally. Our implementation is performed entirely at One-way isolation [15, 23] permits untrusted software to read any- the user-level, requiring no changes to the kernel. This enabled us thing, but its outputs are held in isolation. Two-way isolation limits to port the system easily from Linux to BSD. Our experimental re- both reads and writes, holding the inputs as well as outputs of un- sults show that our approach preserves the usability of applications, trusted applications in an isolated environment. The app model on while offering strong protection and good performance. Moreover, Android, Apple iOS, and Windows 8 sandbox are generally based policy development is almost entirely automated, sparing users and on this two-way isolation model. administrators this cumbersome and difficult task. Isolation approaches provide stronger protection from malware since they block all interactions between untrusted and benign soft- 1. Introduction ware, thereby preventing subversion attacks. They also provide The state-of-practice in malware defense relies on reactive mea- much better usability because they permit sufficient access for most sures, such as virus scanning and software patches. While this prac- applications to work. However, they too have several significant tice may have been adequate in the past, it cannot cope with today’s drawbacks, especially in the desktop environment: sophisticated malware that employ complex evasion and subversion • Fragmentation of user data. Unlike sandboxing, which contin- techniques to overcome deployed defenses. It is thus important to ues to support the model of a single namespace for all user data, develop principled defenses that provide reliable protection regard- isolation causes a fragmentation: user data is partitioned into less of malware sophistication. two or more containers, each representing a disjoint namespace. A natural (and perhaps the best studied) proactive defense is to • Inability to compose applications. The hallmark of today’s desk- sandbox potentially malicious code. This approach can be applied top OSes is the ability to compose applications together. UNIX to software from untrusted sources [11], which may be malicious pipelines represented one of the early examples of application to begin with; or to software from trusted sources [16, 6, 20] that is composition. Other common forms of composition can happen benign to start with, but turns malicious due to an exploit. However, through files or scripts, e.g., printing a spread sheet into a PDF there are several challenges with sandboxing untrusted code: file and then emailing this PDF file. Unfortunately, strict isola- • Difficulty of policy development. Experience with SELinux [16] tion prevents one application from interacting with any data (or and other projects [3, 22] show that policy development requires code) of other applications, thus precluding composition. a great deal of expertise and effort. Moreover, policies that • No protection when isolation is breached. Strict isolation may provide even modest protection from untrusted code can break be breached either due to a policy relaxation, or through manual many legitimate applications. copying of files across isolation contexts. Any malware present • Subversion attacks on benign software. Even highly restrictive in such files can subsequently damage the system. policies can be inadequate, as malware can co-opt benign appli- In contrast, our approach combines the strengths of sandboxing cations to carry out prohibited operations: Malware may trick a and isolation of untrusted code, while avoiding most of their weak- user to run a benign application in insecure ways or exploit vul- nesses. Like sandboxing, all user data is held within one name nerabilities in benign applications to perform arbitrary actions. space, thereby providing a unified view. Like isolation, our ap- Permission to make digital or hard copies of all or part of this work for per- proach preserves the usability of applications, and does not require sonal or classroom use is granted without fee provided that copies are not significant policy development effort. At the same time, it avoids made or distributed for profit or commercial advantage and that copies bear the weakness of isolation-based approaches, allowing most typi- this notice and the full citation on the first page. Copyrights for components cal interactions between applications, while ensuring that system of this work owned by others than the author(s) must be honored. Abstract- security isn’t compromised by these interactions. An open-source ing with credit is permitted. To copy otherwise, or republish, to post on implementation of our system is available [26]. servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]. ACSAC ’13, December 09 - 13 2013, New Orleans, LA, USA yThis work was supported in part by grants from NSF (CNS- Copyright held by the owner/author(s). Publication rights licensed to ACM. 0831298) and AFOSR (FA9550-09-1-0539). ACM 978-1-4503-2015-3/13/12 ...$15.00. Term Explanation 1.1.1 Secure enforcement and tracking without OS changes malicious intentionally violate policy, evade enforcement Our approach encodes integrity labels into file ownership and untrusted possibly malicious permission. In particular, untrusted files are those that are owned benign program non-malicious but may contain vulnerabilities by a set of newly created untrusted userids, or are writable by these benign process process whose code and inputs are benign, hence non-malicious users. Untrusted processes are all run with an untrusted userid. This encoding enables us to leverage existing OS mechanisms for Figure 1: Key terminology tracking and propagating integrity labels. In particular, note that files as well as child processes inherit their ownership from that 1.1 Approach Overview and Salient Features of the process that created them. As a result, any file or process Sophisticated malware can evade defenses using multi-step at- created by an untrusted process will have the label of untrusted. tacks, with each step performing a seemingly innocuous action. Benign processes and files are characterized by their ownership For instance, malware may simply deposit a shortcut on the desk- by a userid other than an untrusted userid. In addition, benign files top with a name of a commonly used application instead of writing will have write permissions that make them unwritable by untrusted files in system directories directly. It can wait until the user double- userids. As a result, files created by benign processes will have clicks on this shortcut and do its work. Alternatively, malware may benign labels, once again ensuring correct propagation of labels. deposit files that contain exploits for popular applications, with the In addition to tracking integrity labels, our userid-based encod- actual damage inflicted when a curious user opens them. The first ing also provides the foundation for sound policy enforcement with- example involves a benign process executing code derived from a out OS kernel changes. Specifically, existing OS mechanisms can malicious source, while the second example involves a vulnerable correctly enforce policies on untrusted processes: by virtue of our benign application being compromised by malicious data. integrity label encoding, benign files have permission settings that To thwart all malware attacks regardless of the number of steps make them unwritable by untrusted userids. Although we need to involved, we use integrity labels to systematically track the influ- develop additional enforcement mechanisms for benign processes, ence of untrusted sources on all files. Files coming from the OS e.g., to prevent them from reading untrusted files, this is a con- vendor (and any other source that is trusted to be non-malicious) siderably simpler task than policy enforcement on untrusted code. are given the label benign (Figure 1), while the remaining files are In particular, challenges in secure policy enforcement arise mainly given the label untrusted. Note that benign programs may con- due to evasion attacks. Since benign processes cannot be malicious, tain exploitable vulnerabilities, but only untrusted programs can be they won’t attempt evasion. Indeed, a simple yet secure implemen- malicious, i.e., may intentionally violate policy and/or attempt to tation can be developed within the address space of a benign pro- evade enforcement. Exploitation of vulnerabilities can cause be- cess, e.g., by replacing libc, which makes all system calls on behalf nign programs to turn malicious. However, an exploit represents of a process, with a version
Load more

Recommended publications
  • Puddletag 1.0.5
    FOSSPICKS Sparkling gems and new releases from the world of FOSSpicks Free and Open Source Software Mike Saunders has spent a decade mining the internet for free software treasures. Here’s the result of his latest haul… Sound file tag editor Puddletag 1.0.5 e love discovering need Mutagen – this is the library programs that that handles the low-level Wostensibly perform operations of adding tags to music mundane tasks, but have so many files. On Ubuntu and Debian-based features and options that they distros, you can get all of the actually become rather cool. dependencies via the python-qt4, Puddletag is one such example: it’s python-pyparsing, python- a music file tag editor. Riveting, mutagen and python-configobj right? But when you start exploring packages. Then extract the the interface and discover some of puddletag-1.0.5.tar.gz file, go into the complexity behind it, you the resulting directory, and run actually start to admire it. And if you ./puddletag. manage a large music collection, you might find that you can’t live I, spreadsheet without it. Sure, most graphical The first thing you’ll notice is the music players on Linux include unusual interface: Puddletag looks Puddletag can work with ID3v1, ID3v2 (MP3), MP4, some kind of tag editing facility, but somewhat like a spreadsheet. This VorbisComments (Ogg and FLAC) and Musepack (mpc) tags. Puddletag is industrial strength. actually turns out to be a very good It’s written in Python (2) and uses design when you’re working on lots click on the F button in the toolbar, Qt 4 for the interface, so its main of files.
    [Show full text]
  • Resurrect Your Old PC
    Resurrect your old PCs Resurrect your old PC Nostalgic for your old beige boxes? Don’t let them gather dust! Proprietary OSes force users to upgrade hardware much sooner than necessary: Neil Bothwick highlights some great ways to make your pensioned-off PCs earn their keep. ardware performance is constantly improving, and it is only natural to want the best, so we upgrade our H system from time to time and leave the old ones behind, considering them obsolete. But you don’t usually need the latest and greatest, it was only a few years ago that people were running perfectly usable systems on 500MHz CPUs and drooling over the prospect that a 1GHz CPU might actually be available quite soon. I can imagine someone writing a similar article, ten years from now, about what to do with that slow, old 4GHz eight-core system that is now gathering dust. That’s what we aim to do here, show you how you can put that old hardware to good use instead of consigning it to the scrapheap. So what are we talking about when we say older computers? The sort of spec that was popular around the turn of the century. OK, while that may be true, it does make it seem like we are talking about really old hardware. A typical entry-level machine from six or seven years ago would have had something like an 800MHz processor, Pentium 3 or similar, 128MB of RAM and a 20- 30GB hard disk. The test rig used for testing most of the software we will discuss is actually slightly lower spec, it has a 700MHz Celeron processor, because that’s what I found in the pile of computer gear I never throw away in my loft, right next to my faithful old – but non-functioning – Amiga 4000.
    [Show full text]
  • The Official Game Design Draft
    The official game design draft OpenCity Design Draft version 0.0.3 1 / 19 Summary I.Existing games......................................................................................................................3 Simcity 1 – 4........................................................................................................................3 The sims 1............................................................................................................................3 Lincity..................................................................................................................................3 PocketCity............................................................................................................................3 Simutrans.............................................................................................................................3 GTA.....................................................................................................................................3 The others............................................................................................................................3 II.What is OpenCity ?..............................................................................................................5 III.The story.............................................................................................................................6 IV.UML design.......................................................................................................................8
    [Show full text]
  • Work Package 2 Collection of Requirements for OS
    Consortium for studying, evaluating, and supporting the introduction of Open Source software and Open Data Standards in the Public Administration Project acronym: COSPA Wor k Package 2 Collection of requirements for OS applications and ODS in the PA and creation of a catalogue of appropriate OS/ODS Solutions D eliverable 2. 1 Catalogue of available Open Source tools for the PA Contract no.: IST-2002-2164 Project funded by the European Community under the “SIXTH FRAMEWORK PROGRAMME” Work Package 2, Deliverable 2.1 - Catalogue of available Open Source tools for the PA Project Acronym COSPA Project full title A Consortium for studying, evaluating, and supporting the introduction of Open Source software and Open Data Standards in the Public Administration Contract number IST-2002-2164 Deliverable 2.1 Due date 28/02/2004 Release date 15/10/2005 Short description WP2 focuses on understanding the OS tools currently used in PAs, and the ODS compatible with these tools. Deliverable D2.1 contains a Catalogue of available open source tools for the PA, including information about the OS currently in use inside PAs, the administrative and training requirements of the tools. Author(s) Free University of Bozen/Bolzano Contributor(s) Conecta, IBM, University of Sheffield Project Officer Tiziana Arcarese Trond Arne Undheim European Commission Directorate-General Information Society Directorate C - Unit C6- eGovernment, BU 31 7/87 rue de la Loi 200 - B-1049 Brussels - Belgium 26/10/04 Version 1.3a page 2/353 Work Package 2, Deliverable 2.1 - Catalogue of available Open Source tools for the PA Disclaimer The views expressed in this document are purely those of the writers and may not, in any circumstances, be interpreted as stating an official position of the European Commission.
    [Show full text]
  • Visualization of Complex Function Graphs in Augmented Reality
    M A G I S T E R A R B E I T Visualization of Complex Function Graphs in Augmented Reality ausgeführt am Institut für Softwaretechnik und Interaktive Systeme der Technischen Universität Wien unter der Anleitung von Univ.Ass. Mag. Dr. Hannes Kaufmann durch Robert Liebo Brahmsplatz 7/11 1040 Wien _________ ____________________________ Datum Unterschrift Abstract Understanding the properties of a function over complex numbers can be much more difficult than with a function over real numbers. This work provides one approach in the area of visualization and augmented reality to gain insight into these properties. The applied visualization techniques use the full palette of a 3D scene graph's basic elements, the complex function can be seen and understood through the location, the shape, the color and even the animation of a resulting visual object. The proper usage of these visual mappings provides an intuitive graphical representation of the function graph and reveals the important features of a specific function. Augmented reality (AR) combines the real world with virtual objects generated by a computer. Using multi user AR for mathematical visualization enables sophisticated educational solutions for studies dealing with complex functions. A software framework that has been implemented will be explained in detail, it is tailored to provide an optimal solution for complex function graph visualization, but shows as well an approach to visualize general data sets with more than 3 dimensions. The framework can be used in a variety of environments, a desktop setup and an immersive setup will be shown as examples. Finally some common tasks involving complex functions will be shown in connection with this framework as example usage possibilities.
    [Show full text]
  • Release Notes for Fedora 15
    Fedora 15 Release Notes Release Notes for Fedora 15 Edited by The Fedora Docs Team Copyright © 2011 Red Hat, Inc. and others. The text of and illustrations in this document are licensed by Red Hat under a Creative Commons Attribution–Share Alike 3.0 Unported license ("CC-BY-SA"). An explanation of CC-BY-SA is available at http://creativecommons.org/licenses/by-sa/3.0/. The original authors of this document, and Red Hat, designate the Fedora Project as the "Attribution Party" for purposes of CC-BY-SA. In accordance with CC-BY-SA, if you distribute this document or an adaptation of it, you must provide the URL for the original version. Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law. Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries. For guidelines on the permitted uses of the Fedora trademarks, refer to https:// fedoraproject.org/wiki/Legal:Trademark_guidelines. Linux® is the registered trademark of Linus Torvalds in the United States and other countries. Java® is a registered trademark of Oracle and/or its affiliates. XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries. MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries. All other trademarks are the property of their respective owners.
    [Show full text]
  • OFELIA Bridge Setup
    Bridging Devices onto the OFELIA Testbed David R Newman December 10, 2013 1 Introduction The OFELIA testbed makes it possible to bridge devices onto slices created via an island's Expedient site. This document will provide instructions on how to bridge both Linux and Windows devices. OpenVPN is the best suited application for setting up an Ethernet bridge from a Linux virtual machine on the OFELIA testbed. It can be installed as a server package on most Linux distributions and as a client on most Linux and Windows distributions. OpenVPN's Linux instructions on how to do setup an Ethernet bridge using OpenVPN can be found at: http://openvpn.net/index.php/open-source/documentation/miscellaneous/76-ethernet-bridging.html This guide is an adaptation of these instructions for setting up an Ethernet bridge to an OFELIA island virtual machine. It assumes that you have already: 1. Created your own OFELIA account. 2. Connected to the OFELIA testbed network over VPN. 3. Created a project through an OFELIA island's Expedient website . 4. Added a slice to that project. 5. Created a couple of virtual machines on the OFELIA island's virtual machine servers. 6. Congured a owspace connecting together these virtual machines with one or more switches. Section 2 describes the project, test slice and owspace used as an exemplar in this guide. If you need help getting to a similar point follow the instructions at: https://alpha.fp7-ofelia.eu/doc/index.php/Working_with_the_OFELIA_Control_Framework Section 3 describes how to generate the server-side conguration for Ethernet bridging and section 4 how to generate the client-side conguration.
    [Show full text]
  • Modest Talk at Guadec/Desktop Summit 2009
    static void _f_do_barnacle_install_properties(GObjectClass *gobject_class) { GParamSpec *pspec; Modest /* Party code attribute */ pspec = g_param_spec_uint64 Creating a modern mobile (F_DO_BARNACLE_CODE, "Barnacle code.", "Barnacle code", 0, email client with gnome G_MAXUINT64, G_MAXUINT64 /* default value */, G_PARAM_READABLE technologies | G_PARAM_WRITABLE | G_PARAM_PRIVATE); g_object_class_install_property (gobject_class, F_DO_BARNACLE_PROP_CODE, José Dapena Paz jdapena AT igalia DOT com Sergio Villar Senín svillar AT igalia DOT com Brief history ● Started in 2006 ● 2007 Targeted for Maemo Chinook ● December 2007 first beta release ● 2008 Maemo Diablo ● 2009 Development becomes public. Repository moved to git How big is it? ● Modest Total Physical Source Lines of Code (SLOC) = 104,675 ● Tinymail Total Physical Source Lines of Code (SLOC) = 179,363 Goals Easy to use Embedded devices ● Small resources ● Small screen ● Small storage Multiple UI. Common logic Gnome UI Maemo 4/Diablo UI Maemo 5/Fremantle UI Coming soon... Support for most common email protocols ● IMAP ● POP ● SMTP Push email IMAP IDLE Extensibility New plugin architecture Architecture Architecture Gtk+ Hildon 2 GLib Pango GConf GtkHTML Modest Modest Modest Alarm MCE Abook plugin Xproto Plugin Yproto libtinymail-gtk libtinymail-maemo libtinymail-camel camel-lite Camel Xproto Tinymail Camel Yproto IMAP POP SMTP Xproto daemon Camel-lite mmap-ed summaries ● Very reduced memory usage ● Very compact representation on disk ● Efficient use of memory (thx kernel) IMAP IDLE support Camel features out-of-the-box ● Great support for MIME ● Stream based API ● Modular extensible Tinymail ● Multiple platforms ● Simplifies Camel API's ● Integrated Glib mainloop ● Gtk+ widgets ● Asynchronous API. Responsive UI ● Modular design Modest ● Message view based on gtkhtml ● Rich message editor based on wpeditor ● Offline read of messages and folders ● Integration with network status libraries Migration to Hildon 2.2 Hildon 2.2/Fremantle philosophy ● Proper experience with finger in small screens.
    [Show full text]
  • Openbsd Gaming Resource
    OPENBSD GAMING RESOURCE A continually updated resource for playing video games on OpenBSD. Mr. Satterly Updated August 7, 2021 P11U17A3B8 III Title: OpenBSD Gaming Resource Author: Mr. Satterly Publisher: Mr. Satterly Date: Updated August 7, 2021 Copyright: Creative Commons Zero 1.0 Universal Email: [email protected] Website: https://MrSatterly.com/ Contents 1 Introduction1 2 Ways to play the games2 2.1 Base system........................ 2 2.2 Ports/Editors........................ 3 2.3 Ports/Emulators...................... 3 Arcade emulation..................... 4 Computer emulation................... 4 Game console emulation................. 4 Operating system emulation .............. 7 2.4 Ports/Games........................ 8 Game engines....................... 8 Interactive fiction..................... 9 2.5 Ports/Math......................... 10 2.6 Ports/Net.......................... 10 2.7 Ports/Shells ........................ 12 2.8 Ports/WWW ........................ 12 3 Notable games 14 3.1 Free games ........................ 14 A-I.............................. 14 J-R.............................. 22 S-Z.............................. 26 3.2 Non-free games...................... 31 4 Getting the games 33 4.1 Games............................ 33 5 Former ways to play games 37 6 What next? 38 Appendices 39 A Clones, models, and variants 39 Index 51 IV 1 Introduction I use this document to help organize my thoughts, files, and links on how to play games on OpenBSD. It helps me to remember what I have gone through while finding new games. The biggest reason to read or at least skim this document is because how can you search for something you do not know exists? I will show you ways to play games, what free and non-free games are available, and give links to help you get started on downloading them.
    [Show full text]
  • Creating Custom Debian Live for USB FD with Encrypted Persistence
    Creating Custom Debian Live for USB FD with Encrypted Persistence INTRO Debian is a free operating system (OS) for your computer. An operating system is the set of basic programs and utilities that make your computer run. Debian provides more than a pure OS: it comes with over 43000 packages, precompiled software bundled up in a nice format for easy installation on your machine. PRE-REQ * Debian distro installed * Free Disk Space (Depends on you) Recommended Free Space >20GB * Internet Connection Fast * USB Flash Drive atleast 4GB Installing Required Softwares on your distro: Open Root Terminal or use sudo: $ sudo apt-get install debootstrap syslinux squashfs-tools genisoimage memtest86+ rsync apt-cacher-ng live-build live-config live-boot live-boot-doc live-config-doc live-manual live-tools live-manual-pdf qemu-kvm qemu-utils virtualbox virtualbox-qt virtualbox-dkms p7zip-full gparted mbr dosfstools parted Configuring APT Proxy Server (to save bandwidth) Start apt-cacher-ng service if not running # service apt-cacher-ng start Edit /etc/apt/sources.list with your favorite text editor. Terminal # nano /etc/apt/sources.list Output: (depends on your APT Mirror configuration) deb http://security.debian.org/ jessie/updates main contrib non-free deb http://http.debian.org/debian jessie main contrib non-free deb http://ftp.debian.org/debian jessie main contrib non-free Add “localhost:3142” : deb http://localhost:3142/security.debian.org/ jessie/updates main contrib non-free deb http://localhost:3142/http.debian.org/debian jessie main contrib non-free deb http://localhost:3142/ftp.debian.org/debian jessie main contrib non-free Press Ctrl + X and Y to save changes Terminal # apt-get update # apt-get upgrade NOTE: BUG in Debian Live.
    [Show full text]
  • Linux: Come E Perchх
    ÄÒÙÜ Ô ©2007 mcz 12 luglio 2008 ½º I 1. Indice II ½º Á ¾º ¿º ÈÖÞÓÒ ½ º È ÄÒÙÜ ¿ º ÔÔÖÓÓÒÑÒØÓ º ÖÒÞ ×Ó×ØÒÞÐ ÏÒÓÛ× ¾½ º ÄÒÙÜ ÕÙÐ ×ØÖÙÞÓÒ ¾ º ÄÒÙÜ ÀÖÛÖ ×ÙÔÔ ÓÖØØÓ ¾ º È Ð ÖÒÞ ØÖ ÖÓ ÓØ Ù×Ö ¿½ ½¼º ÄÒÙÜ × Ò×ØÐÐ ¿¿ ½½º ÓÑ × Ò×ØÐÐÒÓ ÔÖÓÖÑÑ ¿ ½¾º ÒÓÒ ØÖÓÚÓ ÒÐ ×ØÓ ÐÐ ×ØÖÙÞÓÒ ¿ ½¿º Ó׳ ÙÒÓ ¿ ½º ÓÑ × Ð ××ØÑ ½º ÓÑ Ð ½º Ð× Ñ ½º Ð Ñ ØÐ ¿ ½º ÐÓ ½º ÓÑ × Ò×ØÐÐ Ð ×ØÑÔÒØ ¾¼º ÓÑ ÐØØÖ¸ Ø×Ø ÐÖ III Indice ¾½º ÓÑ ÚÖ Ð ØÐÚ×ÓÒ ¿ 21.1. Televisioneanalogica . 63 21.2. Televisione digitale (terrestre o satellitare) . ....... 64 ¾¾º ÐÑØ ¾¿º Ä 23.1. Fotoritocco ............................. 67 23.2. Grafica3D.............................. 67 23.3. Disegnovettoriale-CAD . 69 23.4.Filtricoloreecalibrazionecolori . .. 69 ¾º ×ÖÚ Ð ½ 24.1.Vari.................................. 72 24.2. Navigazionedirectoriesefiles . 73 24.3. CopiaCD .............................. 74 24.4. Editaretesto............................. 74 24.5.RPM ................................. 75 ¾º ×ÑÔ Ô ´ËÐе 25.1.Montareundiscoounapenna . 77 25.2. Trovareunfilenelsistema . 79 25.3.Vedereilcontenutodiunfile . 79 25.4.Alias ................................. 80 ¾º × ÚÓÐ×× ÔÖÓÖÑÑÖ ½ ¾º ÖÓÛ×Ö¸ ÑÐ ººº ¿ ¾º ÖÛÐРгÒØÚÖÙ× Ð ÑØØÑÓ ¾º ÄÒÙÜ ½ ¿¼º ÓÑ ØÖÓÚÖ ÙØÓ ÖÖÑÒØ ¿ ¿½º Ð Ø×ØÙÐ Ô Ö Ð ×ØÓÔ ÄÒÙÜ ¿¾º ´ÃµÍÙÒØÙ¸ ÙÒ ×ØÖÙÞÓÒ ÑÓÐØÓ ÑØ ¿¿º ËÙÜ ÙÒ³ÓØØÑ ×ØÖÙÞÓÒ ÄÒÙÜ ½¼½ ¿º Á Ó Ò ÄÒÙÜ ½¼ ¿º ÃÓÒÕÙÖÓÖ¸ ÕÙ×ØÓ ½¼ ¿º ÃÓÒÕÙÖÓÖ¸ Ñ ØÒØÓ Ô Ö ½½¿ 36.1.Unaprimaocchiata . .114 36.2.ImenudiKonqueror . .115 36.3.Configurazione . .116 IV Indice 36.4.Alcuniesempidiviste . 116 36.5.Iservizidimenu(ServiceMenu) . 119 ¿º ÃÓÒÕÙÖÓÖ Ø ½¾¿ ¿º à ÙÒ ÖÖÒØ ½¾ ¿º à ÙÒ ÐÙ×ÓÒ ½¿½ ¼º ÓÒÖÓÒØÓ Ò×ØÐÐÞÓÒ ÏÒÓÛ×È ÃÍÙÒØÙ º½¼ ½¿¿ 40.1.
    [Show full text]
  • Computeralgebra & Visualisierung
    Computeralgebra & Visualisierung Alexander Weiße Institut fur¨ Physik, Universit¨at Greifswald, Germany http://theorie2.physik.uni-greifswald.de/member/weisse/casvis/index.html Zwei Gruppen: Dienstag+Donnerstag 10-12 Uhr, Raum A 202 Gliederung Grundlagen UNIX & GNU/Linux Typische Anwendungen Computeralgebra-Systeme Einfuhrung¨ & Uberblick¨ Maxima Maple Axiom Graphische Darstellung von Daten Gnuplot Grace LabPlot Numerische Werkzeuge & Graphik Octave Visualization Toolkit (VTK) Matlab & Scilab Fortgeschrittene Themen & Erganzungen¨ Animation Software fur¨ Prasentationen¨ Computer I Schematischer Aufbau eines Rechners I Was macht ein Betriebsystem? I Verwaltet Ressourcen des Rechners: I Umfaßt Programme fur¨ Steuerung und Zugriff auf Hardware (Speicher, Laufwerke, Netzwerk, . ) I Verteilt Arbeitsleistung der CPU und Speicher auf verschiedene Programme Betriebssystem GNU/Linux I Urahn: Unix I Betriebssystem, 1969 entwickelt bei AT&T / Bell Labs I Weit verbeitet im akademischen Umfeld (zusammen mit der Programmiersprache C) I Ausgelegt auf Portabilit¨at, Multi-Tasking- und Multi-User-Betrieb I Besteht aus einem Kern und vielen Programmen, die uber¨ einen Kommandozeilen-Interpreter gesteuert werden I 1991: Ausgehend vom Unix-System Minix entwickelt Linus Torvalds ein Betriebsystem fur¨ PCs mit Intel 80386 Prozessor. Zusammen mit der freien Software aus dem GNU Projekt entsteht GNU/Linux I Was bedeutet “freie Software”? Nach Definition der Free Software Foundation soll der Nutzer das Recht haben, I das Programm zu jedem Zweck auszufuhren,¨ I
    [Show full text]