A Unix process may call another process without fully trusting it. In this situation, the caller may want the called process to have access only to the objects that the caller explicitly passes to it, and not to arbitrary files owned by the caller. One possible solution is to create a restricted user ID, and execute the called process under this restricted UID. In some flavors of UNIX, any process can use setuid() to set its EUID to RUID. Are thereany security implications for the situation described above, where one process calls another under a restricted UID? Assume that either the caller, or the callee may be malicious.
A Unix process may call another process without fully trusting it. In this situation, the caller may want the called process to have access only to the objects that the caller explicitly passes to it, and not to arbitrary files owned by the caller. One possible solution is to create a restricted user ID, and execute the called process under this restricted UID. In some flavors of UNIX, any process can use setuid() to set its EUID to RUID. Are thereany security implications for the situation described above, where one process calls another under a restricted UID? Assume that either the caller, or the callee may be malicious.
Computer Networking: A Top-Down Approach (7th Edition)
7th Edition
ISBN:9780133594140
Author:James Kurose, Keith Ross
Publisher:James Kurose, Keith Ross
Chapter1: Computer Networks And The Internet
Section: Chapter Questions
Problem R1RQ: What is the difference between a host and an end system? List several different types of end...
Related questions
Question
A Unix process may call another process without fully trusting it. In this situation, the caller may want the called process to have access only to the objects that the caller explicitly passes to it, and not to arbitrary files owned by the caller. One possible solution is to create a restricted user ID, and execute the called process under this restricted UID.
In some flavors of UNIX, any process can use setuid() to set its EUID to RUID. Are thereany security implications for the situation described above, where one process calls another under a restricted UID? Assume that either the caller, or the callee may be malicious.
Expert Solution
This question has been solved!
Explore an expertly crafted, step-by-step solution for a thorough understanding of key concepts.
This is a popular solution!
Trending now
This is a popular solution!
Step by step
Solved in 2 steps
Recommended textbooks for you
Computer Networking: A Top-Down Approach (7th Edi…
Computer Engineering
ISBN:
9780133594140
Author:
James Kurose, Keith Ross
Publisher:
PEARSON
Computer Organization and Design MIPS Edition, Fi…
Computer Engineering
ISBN:
9780124077263
Author:
David A. Patterson, John L. Hennessy
Publisher:
Elsevier Science
Network+ Guide to Networks (MindTap Course List)
Computer Engineering
ISBN:
9781337569330
Author:
Jill West, Tamara Dean, Jean Andrews
Publisher:
Cengage Learning
Computer Networking: A Top-Down Approach (7th Edi…
Computer Engineering
ISBN:
9780133594140
Author:
James Kurose, Keith Ross
Publisher:
PEARSON
Computer Organization and Design MIPS Edition, Fi…
Computer Engineering
ISBN:
9780124077263
Author:
David A. Patterson, John L. Hennessy
Publisher:
Elsevier Science
Network+ Guide to Networks (MindTap Course List)
Computer Engineering
ISBN:
9781337569330
Author:
Jill West, Tamara Dean, Jean Andrews
Publisher:
Cengage Learning
Concepts of Database Management
Computer Engineering
ISBN:
9781337093422
Author:
Joy L. Starks, Philip J. Pratt, Mary Z. Last
Publisher:
Cengage Learning
Prelude to Programming
Computer Engineering
ISBN:
9780133750423
Author:
VENIT, Stewart
Publisher:
Pearson Education
Sc Business Data Communications and Networking, T…
Computer Engineering
ISBN:
9781119368830
Author:
FITZGERALD
Publisher:
WILEY