6. Operating System Security Issues

Question 1

What is role based access control?

Answer 1

RBAC limits users access based on roles and privileges. It can implement both DAC and MAC

Question 2

What are advanced file attributes?

Answer 2

Advanced file attributes includes the setuid bit (allows an executable to run with the owners privelege, can be a security hole if the owner is root), the setgid bit (runs with group owner’s privilege or makes new files inherit parent makes new files inherit parent directory’s group)
and the sticky bit (restricts file deletion in directories to the owner or super user)

Question 3

What is the least privilege principle?

Answer 3

Users and programs should only have the minimum privileges necessary to perform their tasks.
- Using sudo instead of logging in directly as root is an example.

Question 4

What should be done with services not needed (service management)?

Answer 4

services not needed by the system or users should be removed as they represent potential attack vectors
- use tools like nmap to identify open ports and running services.

Question 5

What are Daemons?

Answer 5

Background processes running independently of terminals, reporting errors via log files
- Can be started directly or via super servers