DOCSLIB.ORG

Linux Authentication and Access Control 5-2

Total Page:16

File Type:pdf, Size:1020Kb

Download full-text PDF Read full-text
Linux Authentication and Access Control 5-2 What is Authentication? Linux Authentication and Authentication binds a subject/principal outside the computer to an Access Control identity inside the computer. All subsequent stages assume the mapping is correct, so this is really important! fturbak Tuesday, September 18, 2012 Reading: Pollock Article; Hacking Linux Exposed gdome CS342 Computer Security root Department of Computer Science Wellesley College sanderso Linux Authentication and Access Control 5-2 Plaintext Password File Hashed Password File o Use one-way hash function (more on these later in the semester). o Intercepted password can be entered to impersonate user. o Intercepted hashed password cannot be entered for user. username: gdome o Password file must be private. username: gdome password: albatross password: albatross o Password file can be public (but still better private). Early Linux had /etc/passwd public. Now separates hash(albatross) = public /etc/passwd (user info) from albatross Npge08pfz4wuk private /etc/shadow (hashed passwords) fbar:pass34word fbar:Yt8w67aiewrH3 o Early linux used crypt function gdome:albatross gdome:Npge08pfz4wuk for hashing. qsera:S&L:DSiaNW qsera:vj9awiEU9KwtF password file password file o Subject to password cracking. Linux Authentication and Access Control 5-3 Linux Authentication and Access Control 5-4 Password Cracking Hashed & Salted Password File o Online cracking (ATM PINs, keypad locks on doors, interactive o Salt stored in password entry password input): combined with password before • Try common patterns followed by exhaustive brute-force search hashing. • Thwarted by long passwords (search space too large) and retry limitations o Thwarts precomputation of large (max of n attempts, exponential backoff). username: gdome hash dictionaries. o Offline cracking (e.g. hashed password file) password: albatross • Examples: john (the Ripper), crack o Linux allows /etc/shadow files with both salted MD5 passwords and • Can afford more computation. hash(d6tpFiwO, old-style crypt passwords. • Step 1: plain dictionary words (including names) albatross) = and user info (username). rBD5jd1ASAYatV2UuAlXW. • Step 2: transformations: insert digits, leetspeak (1337) • Step 3: brute force generation fbar:Yt8w67aiewrH3 gdome:$1$d6tpFiwO$rBD5jd1ASAYatV2UuAlXW. • Thwarted by long, non-dictionary passwords that pass qsera:$1$oVprdczq$NyoQ5WzZxeigDRBUCjQbg7 cracking attempts. password file Linux Authentication and Access Control 5-5 Linux Authentication and Access Control 5-6 Choosing Passwords (http://xkcd.com/936/) Linux IDs and /etc/passwd Each user has a user id (uid) and belongs to (possibly several) groups each of which has a gid. uid and default gid are stored in /etc/passwd. E.g, in my Fedora VM: root:x:0:0:root:/root:/bin/bash bin:x:1:1:bin:/bin:/sbin/nologin daemon:x:2:2:daemon:/sbin:/sbin/nologin adm:x:3:4:adm:/var/adm:/sbin/nologin lp:x:4:7:lp:/var/spool/lpd:/sbin/nologin sync:x:5:0:sync:/sbin:/bin/sync shutdown:x:6:0:shutdown:/sbin:/sbin/shutdown halt:x:7:0:halt:/sbin:/sbin/halt mail:x:8:12:mail:/var/spool/mail:/sbin/nologin news:x:9:13:news:/etc/news: uucp:x:10:14:uucp:/var/spool/uucp:/sbin/nologin ... lynux:x:500:500:Franklyn Turbak:/home/lynux:/bin/bash gdome:x:501:501:Georgia Dome:/home/gdome:/bin/bash cs342:x:502:502:CS342 Account:/home/cs342:/bin/bash Linux Authentication and Access Control 5-7 Linux Authentication and Access Control 4-8 /etc/group /etc/shadow /etc/group defines groups and Sysadmins can define new groups, lists which users belong to them. /etc/shadow contains hashed passwords: e.g. on puma root:$1$SdMYD5fz$cr120C7tA0wDhXPrQHc3H1:15583:0:99999:7::: root:x:0:root bin:*:13665:0:99999:7::: bin:x:1:root,bin,daemon • faculty (all cs faculty) daemon:*:13665:0:99999:7::: daemon:x:2:root,bin,daemon • adm:*:13665:0:99999:7::: sys:x:3:root,bin,adm cs111sta (members of the … adm:x:4:root,adm,daemon CS111 teaching staff) lynux:$1$mUwRqvWp$2yfe5MJV0HbtdcDad8E7i/:15583:0:99999:7::: tty:x:5: • cs251stu (cs251 students) gdome:$1$d6tpFiwO$rBD5jd1ASAYatV2UuAlXW.:14274:0:99999:7::: disk:x:6:root cs342:$1$kmTSYJoG$0AnYYfykI2e/nWPRXdjwO.:14194:0:99999:7::: lp:x:7:daemon,lp mem:x:8: kmem:x:9: wheel:x:10:root Your Ubuntu VM uses longer salts and hashes: ... lynux:x:500: wendy:$6$FoFIUVCi$/FUkEldzfdJXMefmv/s76m4wRpeZPnHjsVdJ9pO.QgKWuZmV gdome:x:501: cjt5J53lZ8Sifj9Q3Pm6n6ukR9p8A1\43mnE2Q0:15594:0:99999:7::: cs342:x:502: cs342sta:x:503:cs342,lynux cs342stu:x:504:cs342,gdome,lynux Linux Authentication and Access Control 5-9 Linux Authentication and Access Control 5-10 LDAP Checking/Changing Who You Are Our networked dept. machines now use LDAP, a database system for o whoami: name associated with current uid users/groups that does not use /etc/passwd and /etc/group directly. o groups: groups of which current uid is a member (But you will be using /etc/passwd and /etc/group on the machines you o su username : "become" username administer in E125.) o su - username: "become" username, using initialization files On puma, use getent command to get info from the LDAP database: o su: "become" root (su = superuser) [fturbak@puma ~] getent passwd fturbak o sudo command: Execute command as root fturbak:x:708:708:Franklyn Turbak:/home/fturbak:/bin/bash (if youre in /etc/sudoers and you give your password.) [fturbak@puma ~] getent passwd acarnigl acarnigl:x:4568:4569:Allison Carniglia class of 2013:/students/acarnigl:/usr/local/bin/scponly # /usr/local/bin/scponly only allows SCP, not login access. For 110/111 students [fturbak@puma ~] getent group cs242stu cs242stu:x:4678:networks,fturbak,amckenna,choover,clee2,cvaldes,kneugent,ksulliv3,lbell, gwunnava,skim17 http://xkcd.com/688/ Linux Authentication and Access Control 5-11 Linux Authentication and Access Control 5-12 Checking/Changing Who You Are: Examples sudo in Ubuntu [fturbak@puma ~] whoami fturbak [fturbak@puma ~] echo $UID The culture in Ubuntu is to use sudo rather than su to root. 708 [fturbak@puma ~] groups fturbak faculty cvs lumberjacks cs301stu cs301pri cs301sta itr2004 • Reminds you that you’re doing rooty things: less likely to cs230pri cs230sta cs230stu cs251pri cs251stu … accidentally do something bad (e.g. rm –rf * on /) [fturbak@puma ~] su – gdome Password: ********** • Don’t have to remember root password, only your own. [gdome@puma ~] whoami gdome • Can still become root if you want to (red part not echoed) [gdome@puma ~] echo $UID 707 wendy@cs342-ubuntu-1:~$ sudo su – [gdome@puma ~] groups gdome cs301stu cs230stu cs251stu cs235stu cs242stu [sudo] password for wendy: Tr0ub4dor&# [gdome@puma ~] su – root@cs342-ubuntu-1:~# Password: ********** [root@puma ~] whoami root [root@puma ~] echo $UID 0 [root@puma ~] groups root bin daemon sys adm disk wheel Linux Authentication and Access Control 5-13 Linux Authentication and Access Control 5-14 passwd: Change Password useradd: Create User Account Sudoer wendy changes guest password (red parts not echoed) Sudoer wendy adds user acct1 wendy@cs342-ubuntu-1:~$! sudo passwd guest wendy@cs342-ubuntu-1:~$! sudo useradd -m -s /bin/bash [sudo] password for wendy: Tr0ub4dor&# acct1 [sudo] password for wendy: Tr0ub4dor&# Enter new UNIX password: foobar Retype new UNIX password: foobar • By default, puts user in empty group with same name as user passwd: password updated successfully /etc/passwd now has: acct1:x:1101:1101::/home/acct1:/bin/bash! /etc/group now has: acct1:x:1101: • As root, wouldn’t need extra sudo password • Still need to set password (via passwd); ! in /etc/shadow locks user out: acct1:!:15601:0:99999:7::: • Can change anyone’s password as root • -m creates account /home/acct1 • Anyone change her own password w/o being root. • -s specifies shell program for user. • Many more options; see man useradd • Add user to group sudo to make her a sudoer • There are graphical user interfaces for creating accounts, setting passwords, etc. but you will not have access to these in CTF. So best to learn shell commands instead! Linux Authentication and Access Control 5-15 Linux Authentication and Access Control 5-16 File Permissions in Linux What Do Permissions Mean? [lynux@localhost cs342]$ ls -al handouts total 68 o On file: drwxrwx--- 4 lynux lynux 4096 2008-09-12 07:36 . drwxrwxr-x 6 lynux lynux 4096 2008-09-02 03:08 .. r: can read from file drwxrwx--- 2 lynux lynux 4096 2008-09-02 03:15 course-info -rw-rw---- 1 lynux lynux 638 2008-09-09 08:59 linux-commands.txt w: can write to file -rw-rw---- 1 lynux lynux 12335 2008-09-12 07:33 os-security.txt -rw-rw---- 1 lynux lynux 3073 2008-09-11 21:27 os-security.txt~ x: can execute file as a program drwxrwx--- 2 lynux lynux 4096 2008-09-09 05:38 security o On directory: How do you read a permission string (e.g. drwxrwxr-x, -rw-rw----)? r: can list the filenames in the directory. Leftmost chars: Other 9 chars: w: can add new file and delete existing file read (r), write (w), execute (x) (even if don't have any permissions on file!) - normal file permissions for 3 entities: x: can cd to directory and “search” files in directory d directory • 3 chars for owner (u=user); (i.e., get inode information necessary for file contents.) l link • 3 for group (g); s socket • 3 for everyone else (o=other) Linux Authentication and Access Control 5-17 Linux Authentication and Access Control 5-18 Special permissions Permissions as Bits & Octal Numbers There are 12 (not 9) permission bits in Linux. 11 10 9 8 7 6 5 4 3 2 1 0 11 10 9 8 7 6 5 4 3 2 1 0 set set stic- user user user group group group other other other uid gid key r w x r w x r w x set set stic- user user user group group group other other other
Load more

Recommended publications
  • Process Text Streams Using Filters
    Process Text Streams Using Filters OBJECTIVE: Candidates should should be able to apply filters to text streams. 1 Process Text Streams Using Filters KeyKEY knowledge KNOWLEDGE area(s): AREAS: Send text files and output streams through text utility filters to modify the output using standard UNIX commands found in the GNU textutils package. 2 Process Text Streams Using Filters KEY FILES,TERMS, UTILITIES cat nl tail cut paste tr expand pr unexpand fmt sed uniq head sort wc hexdump split join tac 3 cat cat the editor - used as a rudimentary text editor. cat > short-message we are curious to meet penguins in Prague Crtl+D *Ctrl+D - command is used for ending interactive input. 4 cat cat the reader More commonly used to flush text to stdout. Options: -n number each line of output -b number only non-blank output lines -A show carriage return Example cat /etc/resolv.conf ▶ search mydomain.org nameserver 127.0.0.1 5 tac tac reads back-to-front This command is the same as cat except that the text is read from the last line to the first. tac short-message ▶ penguins in Prague to meet we are curious 6 head or tail using head or tail - often used to analyze logfiles. - by default, output 10 lines of text. List 20 first lines of /var/log/messages: head -n 20 /var/log/messages head -20 /var/log/messages List 20 last lines of /etc/aliases: tail -20 /etc/aliases 7 head or tail The tail utility has an added option that allows one to list the end of a text starting at a given line.
    [Show full text]
  • A Brief Introduction to Unix-2019-AMS
    Brief Intro to Linux/Unix Brief Intro to Unix (contd) A Brief Introduction to o Brief History of Unix o Compilers, Email, Text processing o Basics of a Unix session o Image Processing Linux/Unix – AMS 2019 o The Unix File System Pete Pokrandt o Working with Files and Directories o The vi editor UW-Madison AOS Systems Administrator o Your Environment [email protected] o Common Commands Twitter @PTH1 History of Unix History of Unix History of Unix o Created in 1969 by Kenneth Thompson and Dennis o Today – two main variants, but blended o It’s been around for a long time Ritchie at AT&T o Revised in-house until first public release 1977 o System V (Sun Solaris, SGI, Dec OSF1, AIX, o It was written by computer programmers for o 1977 – UC-Berkeley – Berkeley Software Distribution (BSD) linux) computer programmers o 1983 – Sun Workstations produced a Unix Workstation o BSD (Old SunOS, linux, Mac OSX/MacOS) o Case sensitive, mostly lowercase o AT&T unix -> System V abbreviations 1 Basics of a Unix Login Session Basics of a Unix Login Session Basics of a Unix Login Session o The Shell – the command line interface, o Features provided by the shell o Logging in to a unix session where you enter commands, etc n Create an environment that meets your needs n login: username n Some common shells n Write shell scripts (batch files) n password: tImpAw$ n Define command aliases (this Is my password At work $) Bourne Shell (sh) OR n Manipulate command history IHateHaving2changeMypasswordevery3weeks!!! C Shell (csh) n Automatically complete the command
    [Show full text]
  • CSC 405 Computer Security Linux Security
    CSC 405 Computer Security Linux Security Alexandros Kapravelos [email protected] Unix / Linux • Started in 1969 at AT&T / Bell Labs • Split into a number of popular branches – BSD, System V (commercial, AT&T), Solaris, HP-UX, AIX • Inspired a number of Unix-like systems – Linux, Minix • Standardization attempts – POSIX, Single Unix Specification (SUS), Filesystem Hierarchy Standard (FHS), Linux Standard Base (LSB), ELF OS Security • Kernel vulnerability – usually leads to complete system compromise – attacks performed via system calls Kernel vulnerabilities Kernel vulnerabilities Kernel exploitation research is active Unleashing Use-Before-Initialization Vulnerabilities in the Linux Kernel Using Targeted Stack Spraying • reliably exploiting uninitialized uses on the kernel stack has been considered infeasible • code executed prior to triggering the vulnerability must leave an attacker-controlled pattern on the stack • a fully automated targeted stackspraying approach for the Linux kernel that reliably facilitates the exploitation of uninitialized uses • published in NDSS 2017 source: https://www.cc.gatech.edu/~klu38/publications/ubi-ndss17.pdf Unix • Code running in user mode is always linked to a certain identity – security checks and access control decisions are based on user identity • Unix is user-centric – no roles • User – identified by username (UID), group name (GID) – typically authenticated by password (stored encrypted) • User root – superuser, system administrator – special privileges (access resources, modify OS) – cannot
    [Show full text]
  • How the /Etc/Passwd File Relates to the Laua User
    Page 1 (2) System Foundation 9.0 laua User and Group How the /etc/passwd File Relates to the laua User Scenario Most users who need access to the Lawson environment will need to have a user account set up on the Operating System where Lawson System Foundation 9.0 has been installed. Users will need resources allocated to run their jobs and space in the directory structure to store their print files. The user account on the Operating System is what allows the allocation of resources and space. In the example presented in this session, users are associated to the Unix Operating System and setup via the /etc/passwd file. The information stored on the user account in the file is used by Lawson’s Legacy Security System, laua. This scenario will present the /etc/passwd file and highlight the important parts of the user represented in the file and how it relates to user setup. Workflow Step 1 of 3: To verify that a user has an account on the Unix Operating System where the Lawson server resides, view the /etc/passwd file on the Lawson server. To do so, you must first access a command line which can be done either through LID (Lawson Insight Desktop) or through lawterminal which is command line access through the Lawson portal. This demonstration will use LID. First access your command line. Action: Type in 'cd /etc' and press the 'Enter' key. © Copyright Lawson Learning 2008 Page 2 (2) Step 2 of 3: You can use any method you choose to view the file.
    [Show full text]
  • Environment Variable and Set-UID Program Lab 1
    SEED Labs – Environment Variable and Set-UID Program Lab 1 Environment Variable and Set-UID Program Lab Copyright © 2006 - 2016 Wenliang Du, All rights reserved. Free to use for non-commercial educational purposes. Commercial uses of the materials are prohibited. The SEED project was funded by multiple grants from the US National Science Foundation. 1 Overview The learning objective of this lab is for students to understand how environment variables affect program and system behaviors. Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. They are used by most operating systems, since they were introduced to Unix in 1979. Although environment variables affect program behaviors, how they achieve that is not well understood by many programmers. As a result, if a program uses environment variables, but the programmer does not know that they are used, the program may have vulnerabilities. In this lab, students will understand how environment variables work, how they are propagated from parent process to child, and how they affect system/program behaviors. We are particularly interested in how environment variables affect the behavior of Set-UID programs, which are usually privileged programs. This lab covers the following topics: • Environment variables • Set-UID programs • Securely invoke external programs • Capability leaking • Dynamic loader/linker Readings and videos. Detailed coverage of the Set-UID mechanism, environment variables, and their related security problems can be found in the following: • Chapters 1 and 2 of the SEED Book, Computer & Internet Security: A Hands-on Approach, 2nd Edition, by Wenliang Du.
    [Show full text]
  • The AWK Programming Language
    The Programming ~" ·. Language PolyAWK- The Toolbox Language· Auru:o V. AHo BRIAN W.I<ERNIGHAN PETER J. WEINBERGER TheAWK4 Programming~ Language TheAWI(. Programming~ Language ALFRED V. AHo BRIAN w. KERNIGHAN PETER J. WEINBERGER AT& T Bell Laboratories Murray Hill, New Jersey A ADDISON-WESLEY•• PUBLISHING COMPANY Reading, Massachusetts • Menlo Park, California • New York Don Mills, Ontario • Wokingham, England • Amsterdam • Bonn Sydney • Singapore • Tokyo • Madrid • Bogota Santiago • San Juan This book is in the Addison-Wesley Series in Computer Science Michael A. Harrison Consulting Editor Library of Congress Cataloging-in-Publication Data Aho, Alfred V. The AWK programming language. Includes index. I. AWK (Computer program language) I. Kernighan, Brian W. II. Weinberger, Peter J. III. Title. QA76.73.A95A35 1988 005.13'3 87-17566 ISBN 0-201-07981-X This book was typeset in Times Roman and Courier by the authors, using an Autologic APS-5 phototypesetter and a DEC VAX 8550 running the 9th Edition of the UNIX~ operating system. -~- ATs.T Copyright c 1988 by Bell Telephone Laboratories, Incorporated. All rights reserved. No part of this publication may be reproduced, stored in a retrieval system, or transmitted, in any form or by any means, electronic, mechanical, photocopy­ ing, recording, or otherwise, without the prior written permission of the publisher. Printed in the United States of America. Published simultaneously in Canada. UNIX is a registered trademark of AT&T. DEFGHIJ-AL-898 PREFACE Computer users spend a lot of time doing simple, mechanical data manipula­ tion - changing the format of data, checking its validity, finding items with some property, adding up numbers, printing reports, and the like.
    [Show full text]
  • SETUID Programming Due: February 15, 2017
    CSC 482/582 Assignment #3 (100 points) SETUID Programming Due: February 15, 2017 1 Introduction The learning objective of this assignment is for students to understand how environment variables affect program and system behaviors. Environment variables are a set of dynamic named values that can affect the way running processes will behave on a computer. They are used by most operating systems, including Unix and Windows. Although environment variables affect program behaviors, how they achieve that is not well understood by many programmers. Therefore, if a program uses environment variables, but the programmer do not know that they are used, the program may have vulnerabilities. In this assignment, students will learn how environment variables work, how they are propogated from parent process to child, and how they affect system/program bahivors. We are particularly interested in how environment variables affect the behavior of SETUID programs, which are usually privileged programs. SETUID is an important security mechanism in Unix operating systems. When a regular program is run, it runs with the privilege of the user executing that program. When a SETUID program is run, it runs with the privilege of the program file owner. For example, if the program’s owner is root, then when anyone runs this program, the program gains root’s privileges during its execution. SETUID allows us to perform essential tasks, such as changing passwords, but vulnerabilities in SETUID programs can allow an adversary to perform local privilege escalation. While the SETUID concept is limited to Unix, the problems of dangerous environment variables and local privilege escalation exists on all operating systems.
    [Show full text]
  • Basic Unix/Linux Commands
    Unix/Linux Basic commands Learn the basics of grep, sed, awk, find, sort, uniq, cut, cat, etc We will study them using sample requirements 1. Determine all the users that are having at least two first names. Using /etc/passwd file as an input. 2. Replace all the bash shells with csh in the /etc/passwd file. Eg. /bin/bash should be replaced with /bin/csh. 3. Replace all the home directories with /home/missing in the same /etc/passwd file. 4. Count the number of lines in a file. 5. Count the number of words starting with letter b/B in /etc/passwd file. 6. Determine the most popular family name found in the /etc/passwd file. 7. Display all text file names in the current directory ordered by their name. 8. Display all the files having more than 100 bytes. 9. Display all the files that the current user has at least read permission. 10. Sort the content of the /etc/passwd file ascending/descending by the fifth column. 11. Display the first 25 lines from the /etc/passwd file. 12. Display the last 30 lines from the /etc/passwd file. 13. If a file has N lines display the lines between N/2 and N/2+10. 14. Display all the unique parent directories from the /etc/passwd file. Eg. on the sixth column we have the home directory, like: /home/scs/master/an1/gr246/abicr2020, from this we will consider the /home/scs/master/an1/gr246/ as the parent directory. 15. Display the first 10 characters from each line of /etc/passwd file.
    [Show full text]
  • Manipulating Files and Directories
    MANIPULATING FILES AND DIRECTORIES At this point, we are ready for some real work! This chapter will introduce the following commands: z cp—Copy files and directories. z mv—Move/rename files and directories. z mkdir—Create directories. z rm—Remove files and directories. z ln—Create hard and symbolic links. These five commands are among the most frequently used Linux com- mands. They are used for manipulating both files and directories. Now, to be frank, some of the tasks performed by these commands are more easily done with a graphical file manager. With a file manager, we can drag and drop a file from one directory to another, cut and paste files, delete files, and so on. So why use these old command-line programs? www.it-ebooks.info The answer is power and flexibility. While it is easy to perform simple file manipulations with a graphical file manager, complicated tasks can be easier with the command-line programs. For example, how could we copy all the HTML files from one directory to another—but only those that do not exist in the destination directory or are newer than the versions in the destination directory? Pretty hard with a file manager. Pretty easy with the command line: cp -u *.html destination Wildcards Before we begin using our commands, we need to talk about the shell fea- ture that makes these commands so powerful. Because the shell uses file- names so much, it provides special characters to help you rapidly specify groups of filenames. These special characters are called wildcards.
    [Show full text]
  • Least Privilege and Privilege Separation
    CSE 127: Computer Security Least privilege and privilege separation Deian Stefan Slides adopted from John Mitchell, Dan Boneh, and Stefan Savage This week… • How to build secure systems ➤ Least privilege and privilege separation ➤ Sandboxing and isolation • Key is underlying principles not mechanisms ➤ We’re going to look at systems techniques ➤ Other ways to achieve similar goals: language-based Principles of secure design • Principle of least privilege • Privilege separation • Defense in depth ➤ Use more than one security mechanism ➤ Fail securely/closed • Keep it simple Principles of secure design • Principle of least privilege • Privilege separation • Defense in depth ➤ Use more than one security mechanism ➤ Fail securely/closed • Keep it simple Principle of Least Privilege Defn: A system should only have the minimal privileges needed for its intended purposes • What’s a privilege? ➤ Ability to access (e.g., read or write) a resource Principle of Least Privilege Defn: A system should only have the minimal privileges needed for its intended purposes • What’s a privilege? ➤ Ability to access (e.g., read or write) a resource Principle of Least Privilege Defn: A system should only have the minimal privileges needed for its intended purposes • What’s a privilege? ➤ Ability to access (e.g., read or write) a resource What’s the problem with this defn? • Talking about a huge, monolith system is not really useful • Why? Network Network User input User device File system File system Breaking a system into components • Compartmentalization and isolation ➤ Separate the system into isolated compartments ➤ Limit interaction between compartments • Why is this more meaningful? Network Network User input User device File system File system How dow we break things apart? Map compartment to user ids! • Recall: permissions in UNIX granted according to UID ➤ A process may access files, network sockets, ….
    [Show full text]
  • A. -D B. -L C. -1 D. -I E. -A A
    Ian! D. Allen − Fall 2012 -1- 45 minutes Ian! D. Allen − Fall 2012 -2- 45 minutes 7. [61/123] If I am in my home directory named /home/me and mt is an empty sub- Test Version: ___ Print Name: directory,what is true after this command line: touch ./foo ; mv ./mt/../foo ../me/bar Multiple Choice - 52 Questions - 15 of 15% a. the directory mt nowcontains only a file named bar 1. Read all the instructions and both sides (back and front) of all pages. b. there is a second copyofthe file named foo in the file named bar 2. Put the Test Version above into NO. OF QUESTIONS and NO. OF STUDENTS c. the command fails because path ./mt/../foo does not exist 3. Answer the questions you know, first. One Answer Only per question. d. the command fails because path ../me/bar does not exist 4. Manage your time when answering questions on this test! e. the directory mt/.. nowhas a file named bar in it 8. [63/125] In the output of ls -a,the one-character name . signifies what? 1. [49/126] If my current directory is /bin,which of these pathnames is equivalent to the file name /bin/ls? a. Acurrent file. a. ../bin/ls/. b. /root/bin/ls c. ls/. b. The current directory. d. ./bin/ls e. ../../bin/ls c. The parent directory. d. Aname that is hidden. 2. [52/125] If my current working directory is /home,and my home directory is e. Aname with an unprintable character. /home/ian,which command copies file /bin/ls into my home directory under the name me? 9.
    [Show full text]
  • Linux Networking Cookbook.Pdf
    Linux Networking Cookbook ™ Carla Schroder Beijing • Cambridge • Farnham • Köln • Paris • Sebastopol • Taipei • Tokyo Linux Networking Cookbook™ by Carla Schroder Copyright © 2008 O’Reilly Media, Inc. All rights reserved. Printed in the United States of America. Published by O’Reilly Media, Inc., 1005 Gravenstein Highway North, Sebastopol, CA 95472. O’Reilly books may be purchased for educational, business, or sales promotional use. Online editions are also available for most titles (safari.oreilly.com). For more information, contact our corporate/institutional sales department: (800) 998-9938 or [email protected]. Editor: Mike Loukides Indexer: John Bickelhaupt Production Editor: Sumita Mukherji Cover Designer: Karen Montgomery Copyeditor: Derek Di Matteo Interior Designer: David Futato Proofreader: Sumita Mukherji Illustrator: Jessamyn Read Printing History: November 2007: First Edition. Nutshell Handbook, the Nutshell Handbook logo, and the O’Reilly logo are registered trademarks of O’Reilly Media, Inc. The Cookbook series designations, Linux Networking Cookbook, the image of a female blacksmith, and related trade dress are trademarks of O’Reilly Media, Inc. Java™ is a trademark of Sun Microsystems, Inc. .NET is a registered trademark of Microsoft Corporation. Many of the designations used by manufacturers and sellers to distinguish their products are claimed as trademarks. Where those designations appear in this book, and O’Reilly Media, Inc. was aware of a trademark claim, the designations have been printed in caps or initial caps. While every precaution has been taken in the preparation of this book, the publisher and author assume no responsibility for errors or omissions, or for damages resulting from the use of the information contained herein.
    [Show full text]