<< Chapter < Page Chapter >> Page >

Access Lists: with each file, indicate which users are allowed to perform which operations.

  • In the most general form, each file has a list of pairs.
  • It would be tedious to have a separate listing for every user, so they are usually grouped into classes. For example, in Unix there are threeclasses: self, group, anybody else (nine bits per file).
  • Access lists are simple, and are used in almost all file systems.

Capabilities: with each user, indicate which files may be accessed, and in what ways.

  • Store a list of pairs with each user. This is called a capability list.
  • Typically, capability systems use a different naming arrangement, where the capabilities are the only names of objects. You cannoteven name objects not referred to in your capability list.
  • In access-list systems, the default is usually for everyone to be able to access a file. In capability-based systems, the default is for no-oneto be able to access a file unless they have been given a capability. There isno way of even naming an object without a capability.
  • Capabilities are usually used in systems that need to be very secure. However, capabilities can make it difficult to share information: nobodycan get access to your stuff unless you explicitly give it to them.

Are the following things access-based or capability-based protection schemes?

  • Protection Keys
  • Page tables

Access enforcement

Some part of the system must be responsible for enforcing access controls and protecting the authorization and identificationinformation.

  • Obviously, this portion of the system must run unprotected. Thus it should be as small and simple as possible. Example: the portion of the systemthat sets up memory mapping tables.
  • The portion of the system that provides and enforces protection is called the security kernel. Most systems, like Unix, do not have a securitykernel. As a consequence, the systems are not very secure.
  • What is needed is a hierarchy of levels of protection, with each level getting the minimum privilege necessary to do its job. However, this islikely to be slow (crossing levels takes time).

File system security

The problem addressed by the security system is how are information and resources protected from people. Issues include the contentsof data files which are a privacy issue, and the use of resources, which is an accounting issue. Security must pervade the system, or the system is insecure,but the file system is a particularly good place to discuss security because its protection mechanisms are visible, and the things it protects are very concrete(for a computer system).

We're talking about some interesting stuff when we talk about security. For certain people who like puzzles, finding loopholes insecurity systems and understanding them to the point of breaking them is a challenge. I understand the lure of this. Remember, however, that everyone usingthese machines is a student like yourself who deserves the same respect that you do. Breaking into another person's files is like breaking into their home, andshould not be taken lightly either by those breaking in, or those who catch them. Uninvited intrusions should be dealt with harshly (for example, it's afelony to break into a machine that stores medical records). If you really want to play around with UNIX(R) security, get yourself a linux box and play to yourheart's content; don't break into someone's account here and start deleting files.

Questions & Answers

given eccentricity and a point find the equiation
Moses Reply
12, 17, 22.... 25th term
Alexandra Reply
12, 17, 22.... 25th term
Akash
College algebra is really hard?
Shirleen Reply
Absolutely, for me. My problems with math started in First grade...involving a nun Sister Anastasia, bad vision, talking & getting expelled from Catholic school. When it comes to math I just can't focus and all I can hear is our family silverware banging and clanging on the pink Formica table.
Carole
find the 15th term of the geometric sequince whose first is 18 and last term of 387
Jerwin Reply
I know this work
salma
The given of f(x=x-2. then what is the value of this f(3) 5f(x+1)
virgelyn Reply
hmm well what is the answer
Abhi
how do they get the third part x = (32)5/4
kinnecy Reply
can someone help me with some logarithmic and exponential equations.
Jeffrey Reply
sure. what is your question?
ninjadapaul
20/(×-6^2)
Salomon
okay, so you have 6 raised to the power of 2. what is that part of your answer
ninjadapaul
I don't understand what the A with approx sign and the boxed x mean
ninjadapaul
it think it's written 20/(X-6)^2 so it's 20 divided by X-6 squared
Salomon
I'm not sure why it wrote it the other way
Salomon
I got X =-6
Salomon
ok. so take the square root of both sides, now you have plus or minus the square root of 20= x-6
ninjadapaul
oops. ignore that.
ninjadapaul
so you not have an equal sign anywhere in the original equation?
ninjadapaul
hmm
Abhi
is it a question of log
Abhi
🤔.
Abhi
I rally confuse this number And equations too I need exactly help
salma
But this is not salma it's Faiza live in lousvile Ky I garbage this so I am going collage with JCTC that the of the collage thank you my friends
salma
Commplementary angles
Idrissa Reply
hello
Sherica
im all ears I need to learn
Sherica
right! what he said ⤴⤴⤴
Tamia
hii
Uday
hi
salma
what is a good calculator for all algebra; would a Casio fx 260 work with all algebra equations? please name the cheapest, thanks.
Kevin Reply
a perfect square v²+2v+_
Dearan Reply
kkk nice
Abdirahman Reply
algebra 2 Inequalities:If equation 2 = 0 it is an open set?
Kim Reply
or infinite solutions?
Kim
The answer is neither. The function, 2 = 0 cannot exist. Hence, the function is undefined.
Al
y=10×
Embra Reply
if |A| not equal to 0 and order of A is n prove that adj (adj A = |A|
Nancy Reply
rolling four fair dice and getting an even number an all four dice
ramon Reply
What is the expressiin for seven less than four times the number of nickels
Leonardo Reply
How do i figure this problem out.
how do you translate this in Algebraic Expressions
linda Reply
why surface tension is zero at critical temperature
Shanjida
I think if critical temperature denote high temperature then a liquid stats boils that time the water stats to evaporate so some moles of h2o to up and due to high temp the bonding break they have low density so it can be a reason
s.
Need to simplify the expresin. 3/7 (x+y)-1/7 (x-1)=
Crystal Reply
. After 3 months on a diet, Lisa had lost 12% of her original weight. She lost 21 pounds. What was Lisa's original weight?
Chris Reply
Got questions? Join the online conversation and get instant answers!
QuizOver.com Reply

Get the best Algebra and trigonometry course in your pocket!





Source:  OpenStax, Operating systems. OpenStax CNX. Aug 13, 2009 Download for free at http://cnx.org/content/col10785/1.2
Google Play and the Google Play logo are trademarks of Google Inc.

Notification Switch

Would you like to follow the 'Operating systems' conversation and receive update notifications?

Ask