Comp111: Operating Systems
Classroom Exercise 19
Identity and Protection
Fall 2017

group member 1: ____________________________ login: ______________
group member 2: ____________________________ login: ______________
group member 3: ____________________________ login: ______________
group member 4: ____________________________ login: ______________
group member 5: ____________________________ login: ______________
group member 6: ____________________________ login: ______________
group member 7: ____________________________ login: ______________
group member 8: ____________________________ login: ______________

  1. After 'chmod 02751 foo' what can every user do to foo? Consider both the case where foo is a directory, and the case where foo is a file.





  2. A very common error for linux beginners is to type 'chmod 0 .' What does this do? How does one fix it?





  3. Using chmod and chgrp, write commands that make a file 'bar' accessible to all students. What else has to be done, other than modifying 'bar'?





  4. What additional capabilities are added by allowing one user to be a member of more than one group?
  5. Consider the following scenerio
    pathmodeownergroup
    /drwxr-xr-xrootroot
    /foodr-xr-sr-xcouchfaculty
    /foo/goo-r--r--r--rveroyfaculty
    /bardr-xr--r--brodleyfaculty
    /bar/joe---x--x--xbrodleyfaculty
    Assume that user rveroy has group student and that user couch has group faculty.
    1. How many directories can user rveroy list?



    2. How many files can user couch change?



    3. How did the file goo get a group that is not the same as the owner's group?



  6. One subtle property of linux protection is that the 'other' part of the protection word applies to only to processes that do not have the group of the file and do not have ownership of it. Based upon this, what is the effect of setting a file's protection to -r------w- (0402)?





  7. (Advanced) In former days, hiding things in unlistable directories under obscure names was considered a form of security. E.g., a file you didn't want everyone to find might be listed as h384j92bvkshd82j39d.txt in a directory that has x but not r permission. Thus, people cannot discover the file's name directly, but can open it if they know the name. This is now considered to be a very poor way to hide information. Why?