Department of Electrical Engineering and Computer Science
Syracuse University

Set-Nobody Lab

Overview:

In many Unix operating systems, there is a special user called "nobody". It is the opposite of root: while root is the most powerful user, "nobody" is the least powerful user. Sometimes, we prefer to run a program without using our full privileges. That is why many daemon processes run as "nobody". In this lab, you need to design a mechanism to allow normal users to run their programs as "nobody". Unlike Set-UID, which allows privileges to be escalated, this mechanism should allow privileges to be restricted. Such a mechanism can be used on untrusted programs, especially those downloaded from the Internet.

Hint: one way to implement this mechanism (we call it Set-Nobody) is to use a strategy similar to Set-UID. When a program is marked as Set-Nobody, instead of setting the effective user id to the owner of the file (as Set-UID does), Set-Nobody sets the effective user id to nobody.
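
The exec-time decision described in the hint, as an added user-space model in C; it is not Minix source code and not part of the original handout. The names SET_NOBODY_BIT, NOBODY_UID, struct cred and exec_cred are hypothetical, the bit and uid values are assumptions, and letting Set-Nobody win when both bits are set is a design choice of this sketch.

```c
#include <stdio.h>

/* User-space model of the exec-time credential decision; not Minix code. */
#define SET_UID_BIT     04000u  /* standard Unix set-user-ID mode bit */
#define SET_NOBODY_BIT  01000u  /* assumption: a spare mode bit picked for this sketch */
#define NOBODY_UID      65534u  /* assumption: the real value comes from the password file */

struct cred { unsigned ruid, euid; };   /* real and effective user ids */

/* Credentials a process holds after exec'ing a file with the given mode
 * and owner. Only the effective uid changes, as the hint describes. */
struct cred exec_cred(struct cred caller, unsigned mode, unsigned owner)
{
    struct cred after = caller;
    if (mode & SET_NOBODY_BIT)
        after.euid = NOBODY_UID;  /* restrict: tested first, so it wins over Set-UID */
    else if (mode & SET_UID_BIT)
        after.euid = owner;       /* classic Set-UID: take the file owner's id */
    return after;
}

int main(void)
{
    struct cred alice = { 1000, 1000 };              /* constructed sample user */
    unsigned modes[] = { 0755, 04755, 01755, 05755 }; /* constructed sample modes */
    for (int i = 0; i < 4; i++) {
        /* owner 0 models a root-owned program file */
        struct cred c = exec_cred(alice, modes[i], 0);
        printf("mode %04o -> ruid=%u euid=%u\n", modes[i], c.ruid, c.euid);
    }
    return 0;
}
```

In the model the real uid is left untouched, so the state of the other process ids after exec is one of the things the security analysis has to account for.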


Requirement

  • Implement the Set-Nobody feature for Minix (hint: you can use the unused bits in the permission field of the I-node data structure).
  • Set-Nobody could be a dangerous feature, because it allows a user to run a program using another user's (nobody's) privilege. Please analyze the security of the Set-Nobody concept. Is there any potential security loophole?

Deadline

The project is due in one week.

Updated on 12/20/2005