Home > CS177 > Homework 3

Thanks for typing your work! There were only six hand-written assignments for Homework 3.

no notes

A lot of people talked about file integrity. As the answer key states, a loss of file integrity can lead to a loss of confidentiality. However, the issue here is system integrity, which must obviously hold in order for the system to ensure confidentiality.

For part (b), a counterexample (a case in which a loss of confidentiality necessarily results in a loss of integrity) is not sufficient. The question asks if there can be any system which can ensure integrity without confidentiality, and the answer is yes. Even this web page is an example.

Again, make sure you review the differences between availability, confidentiality, and integrity.

no notes

There seemed to be some controversy surrounding this problem, but a good number of people got it right so I'm happy about that. Any answer with an argument similar to the answer key was acceptable. For example, some people said that the permission for world could be any of 0, 1, 2, or 3, which is fine.

For part (b), several people used 755. That was apparently an example from the book, but this homework question says specifically that there should NOT be worldwide (or 'other') read access, which immediately rules out that possibility.

For part (c), some people suggested a script to automatically update the configuration file somehow. This is bad for at least the following two reasons. First, an automated change generally happens without the knowledge of the administrators, so any problems could go unnoticed. In addition, adding any new means of writing to a security mechanism configuratation opens up possible attack vectors. In short, this is probably not the best idea. Most people gave the expected answer, which was to include regexp functionality.

Additional Problem #1
Most people got this one all right. In general, people said that the CS AUP deals with most of the issues raised in class and covered by Bishop, and goes into more detail at times. In addition, it talks about things such as eating/drinking in the labs, and ettiquette issues that were not covered by Bishop.

Additional Problem #2
no notes

Home > CS177 > Homework 3