csci5271/ex1/solution.txt
Michael Zhang d7cb704a4a
f
2018-01-29 17:30:43 -06:00

Question 1
Potential attacks would be attempts to change certain information in the
database, such as an attempt to modify grades or to gain unauthorized access to
exam questions and solutions ahead of time. These attacks could potentially be
performed by mischievous students or anyone else who has knowledge about this
database. Threats we should explicitly exclude from consideration are those
beyond the scope of the software of the database, for example, an attacker
attempting to gain access physically by breaking into the server room holding
the database.
Supposing that the database was stored on the instructor's personal laptop, the
most basic protection that one can employ is a password on the instructor's
laptop account (and filesystem encryption, if possible). This will ensure that
people who have physical access to the professor's computer cannot simply gain
access to important files. Another security measure that could be employed is a
military-grade laptop bag with a physical lock. This prevents people who steal
the laptop from accessing or destroying the data. Relocation to Fort Knox would
also be a plus for security, although without a network card it may be hard to
communicate with the database.
Question 2
Part (a)
Since the Perl script is passing user input directly to another application
without sanitization, anything the user enters could be potentially treated as
code. For example, if the attacker enters the username:
Bob; rm -rf ~/*
they could potentially run any command they want, since the backtick syntax
simply hands the entire string to the shell. The shell knows nothing about the
intended format of the command, so it cannot tell that the second command came
from malicious user input rather than from the script itself.
One way to improve the code is to check for the presence of characters that
could be interpreted as code ("blacklisting" certain characters). Of course,
this requires that the list be completely exhaustive; otherwise it provides
no real protection. The alternative is to only allow usernames to contain
certain characters (for example, alphanumeric characters) that the shell
cannot interpret as instructions.
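The following is an added example, not part of the original solution or the
Perl script it discusses. It mirrors the backtick problem in Python: the
vulnerable version builds a command string and hands it to /bin/sh, while the
hardened version applies the allowlist approach described above and invokes
the program with an argument list so no shell ever parses the username. The
real script's command is unknown, so "echo" stands in for it, and the
injected command is a harmless "echo INJECTED" marker (both are assumptions).

```python
import re
import subprocess

# Allowlist: only alphanumerics and underscore, 1 to 32 characters.
# (Assumed policy for this example; the original script's rules are unknown.)
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")


def lookup_vulnerable(username):
    """Equivalent of Perl `cmd $username`: the whole string is parsed by sh."""
    cmd = "echo user=" + username           # string concatenation, like backticks
    result = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return result.stdout


def validate_username(username):
    """Allowlist check: True only if every character is in the permitted set."""
    return USERNAME_RE.fullmatch(username) is not None


def lookup_hardened(username):
    """Reject anything outside the allowlist, then call the program directly."""
    if not validate_username(username):
        raise ValueError("rejected username: %r" % username)
    # Argument list, no shell: metacharacters would reach the program as data.
    result = subprocess.run(["echo", "user=" + username],
                            capture_output=True, text=True)
    return result.stdout


def lookup_no_shell(username):
    """Argument-list call alone (no validation) to show the shell is never involved."""
    result = subprocess.run(["echo", "user=" + username],
                            capture_output=True, text=True)
    return result.stdout


if __name__ == "__main__":
    # Constructed inputs: a benign name and the injection-shaped name from the text.
    for name in ["Bob", "Bob; echo INJECTED"]:
        print("vulnerable:", repr(lookup_vulnerable(name)))
        try:
            print("hardened:  ", repr(lookup_hardened(name)))
        except ValueError as err:
            print("hardened:  ", err)
```

With the injection-shaped input the vulnerable path prints two lines (the
second command ran), the argument-list path prints the whole string as one
literal argument, and the allowlist rejects the input before any command runs.
Combining both defenses is the safest choice: the allowlist keeps bad data out,
and the argument list means a gap in the allowlist is not by itself enough to
reach the shell.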
Part (b)