COMP 3000 Operating Systems
Security and Additional OS Topics (part 3)
Lianying Zhao
Software Package Management
• Confinement/containment is everywhere, as a common practice • To what extent applications are trusted?
• Unmanaged
• A centralized repository to install from
• snap (limited)
• Not much confinement for execution • Also employs a layered file system
• Android or iOS (again)
• UID-based app sandboxing (Android) • Fine-grained permission systems
• Browser sandboxing
COMP 3000 (Winter 2021) 2
Jail Break
• Rooting? (Android)
• Applicable to Linux-based devices
• Used to be an OS thing: all possibilities of becoming root are gone, how to get them back.
• Gradually tightly couple with the bootloader
• Jailbreaking (iOS)
• Applications are jailed by default • And a lot of other restrictions
Note: both are hardware-backed now!
• Both rely on what we are familiar with: vulnerabilities
• The ultimate question: who should have the control over the device?
COMP 3000 (Winter 2021) 3
Rootkit
• A collection of software
• Narrow sense: malicious, with root privilege,
• Broad sense: neutral, user/kernel/hypervisor/firmware level
• Emphasis on the hiding nature, extremely hard to detect
• Can contain different payloads such as virus
• Can be installed in many ways, e.g., through a backdoor, exploiting a vulnerability.
COMP 3000 (Winter 2021) 4
Ransomware
• A type of malware (malicious software) that makes the victim’s files unavailable by encrypting them until a ransom is paid
• Direct monetization
• Typically no root privilege is needed
• Accesses what the victim can access and cares about
• Also:
• Lockware (non-encrypting ransomware) • Leakware or doxware
COMP 3000 (Winter 2021) 5
Back Doors
• Covert (hidden) methods to bypass certain check left by the programmer, intentionally or unintentionally
• Common in embedded systems, and even nowadays IoT devices
• For example, hardcoded passwords, code that loads other code for
execution unbeknownst to the user
• Code review
• If you don’t change your default password, it can serve as a backdoor
COMP 3000 (Winter 2021) 6
Key Loggers
• Malware/spyware that records key strokes of the victim
• Typically used for stealing password or other information
• Software-based or hardware-based
• Again, no need to be privileged (depending on the purpose)
COMP 3000 (Winter 2021) 7
COMP 3000 (Winter 2021) 8
Concurrency Problems
• Multiple tasks ongoing + interaction • Our setting:
• Updates to shared resources
• Problems:
• Updates -> inconsistency (e.g., logic/data corruption) • Updates -> deadlock
• Then why inconsistency? • Race condition
Multiple parties accessing shared resources -> results determined by timing
Critical section: the piece of code that updates a shared resource
• Lack of atomicity
• Two solutions: atomicity or mutual exclusion
COMP 3000 (Fall 2020) 9
Concurrency Mechanisms
• Mainly to use mutual exclusion to achieve atomicity • Locks
• pthread mutex pthread_mutex_lock(&lock) critical section pthread_mutex_unlock(&lock)
• Condition variables
• pthread_mutex_lock(&lock)
while (ready == 0) pthread_cond_wait(&cond, &lock) pthread_mutex_unlock(&lock)
• Combining the two?
pthread_cond_signal()
COMP 3000 (Fall 2020)
10
Concurrency Mechanisms (cont’d)
• Semaphores
• Binary semaphore = mutex
• Initial value
• How much you can give away right after initialization
• 1 = mutex
• 0 = condition variable
• sem_wait() to decrement, and sem_post() to increment • Wait when negative
COMP 3000 (Fall 2020) 11
Deadlocks
• Two or more processes/threads waiting on each other, forever… • Not necessarily caused by the aforementioned mechanisms for
synchronization/mutual exclusion
• Four conditions:
• Mutual exclusion
• Hold-and-wait
• No pre-emption • Circular wait
• Better be avoided, otherwise timeout is a way out
COMP 3000 (Fall 2020) 12
IPC Mechanisms
• Shared memory vs. messaging (pros and cons) • SHM: fast
updates have consistency issues
• MSG: assuming a 3rd party so no concurrency issues high overhead (data copy + context switch)
• mmap(): multiple ways of using it
• Allocate memory (tut3) MAP_PRIVATE|MAP_ANONYMOUS
• Allocate shared memory (tut6) MAP_SHARED|MAP_ANONYMOUS • Map a file into memory (tut5) MAP_SHARED
COMP 3000 (Fall 2020) 13