Minix Security
Essay Preview: Minix Security
Report this essay
To Design and implement the set- Random UID mechanism.
Lab Report .
Step 1.
The unused sticky bit in the permission field of the I-node data structure (defined in /usr/src/fs/inode.h) is used. This sticky bit is disabled in the usr/include/minix/const.h
To enable set random uid mechanism :
We have to enable the sticky bit , say, for a file
chmod +t filename
I made a file fd.c in which I was editing another text file named tested txt.
Both fd and tested.txt are owned by a normal user t2.
chmod +t fd
Following is the code for the program, with permissions 765 which can write malicious data into a text file tested.txt
fd.c
#include
#include
#include
#include
#include
#include
main(void)
{
int fd;
setuid(getuid());
/*setgid(getgid());*/
fd=open(ÐŽ§/cs/tested.txtÐŽÐ, O_RDWR | O_APPEND);
if (fork())
close(fd);
exit(0);
else
write (fd, ÐŽ§n yes I can write