Download Lecture Slides on File Systems - Operating Systems | CSCI 1670 and more Papers Operating Systems in PDF only on Docsity!
File Systems (The End!)
cs 167
XxIV-1 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Flash Memory
* Two technologies
—nor
- byte addressable
—nand
- page addressable
+ Writing
— newly “erased” block is all ones
— “programming” changes some ones to zeroes
- per byte in nor; per page in nand (multiple
pages/block)
- to change zeroes to ones, must erase entire block
- can erase no more than ~100k times/block
cs 167 XxIV-2 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Flash with FTL
* Which file system?
— FAT32 (sort of like S5FS, but from Microsoft)
—NTFS
—FFS
— Ext3
cs 167
XXIV-5. Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Flash without FTL
* Known as memory technology device (MTD)
— software wear-leveling
— perhaps other tricks
cs 167 XXIV-6 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
JFFS and JFFS2
¢ Journaling flash file system
— log-based: no journal!
- each log entry contains inode info and
some data
- garbage collection copies info out of
partially obsoleted blocks, allowing block
to be erased
- complete index of inodes kept in RAM
- entire file system must be read when
mounted
cs 167
XXIV-7
Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
See http://sourceware.org/jffs2/jffs2-html/jffs2-html.html for descriptions of JFFS
and JFFS2.
Security (Part 1)
cs 167
XXIV=10 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Security
+ Framework
— authentication
— access control
¢ Breaking and entering
— prevention
cs 167 XXIV=14 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Concerns
+ Authentication
— who are you?
+ Access control
— what are you allowed to do?
+ Availability
—can others keep you out?
cs 167 XXIV=12, Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Systems that employ just one-way functions to protect their passwords are vulnerable to dictionary attacks. Unix uses “salt” as a means to foil dictionary attacks, though it’s probably not of tremendous use anymore.
Counter Counter Attacks
+ Don’t allow common access to password
images
—/etc/passwd contains everything but password
images and is readable by all
— /etc/shadow contains password images
+ Use better passwords
— “w7%3ngibwy6” rather than “fido”
+ Use strong cryptography and smart cards
— combined with PINs
+ Use biometrics
cs 167 XXIV-17 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
We now turn our attention to hacking. Though we don’t provide a whole lot of detail in our description. All the details (and excellent working code) are provided at numerous sites on the Web.
.
Trap doors
Trojan horses
Attacks
Viruses and worms
Exploit bugs
Exploit features
cs 167
XXIV-21
Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Trap Doors
* You supply a CD driver
* ioctl (cd_file_descriptor, 0x5309)
— standard command to eject the CD
* ioctl (cd_file_descriptor, 0xe311)
— second argument is passed to your driver
— on receipt, your driver sets UID of current
process to zero
cs 167 XXIV-22 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
On Unix systems, “superuser” has a UID of zero.
Trojan Horses
+ Free software!!!
— upgrades your
DVD-ROM into a
DVD-RW!!
cs 167 XXIV-25 ‘Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
Viruses and Worms
* Virus: an “infection” of a program that
replicates itself
+ Worm: a standalone program that actively
replicates itself
cs 167 XXIV-26 ‘Copyright © 2008 Thomas W. Doeppner. Al
How to Write a Virus (1)
Program
(date)
Virus
(/bin/rm —rf /)
cs 167
XXIV-27
Copyright © 2008 Thomas W. Doeppner. Al rights reserved.
How to Write a Virus (4)
ES
Program
(date;
if (day ==
Tuesday)
/bin/rm —rf /)
cs 167
XXIV-30 Copyright © 2008 Thomas W. Doeppner. Al
How to Write a Virus (5)
Program
(date;
if (day ==
Tuesday)
/bin/rm -rf /;
infect
others)
cs 167
XXIV-34 Copyright © 2008 Thomas W. Doeppner. All rights reserve.
Further Issues
+ Make program appear unchanged
— don’t change creation date
— don’t change size
+ How to infect others
— email
—web
— direct attack
— etc.
cs 167 XXIV-32 Copyright © 2008 Thomas W. Doeppner. Al rights reserved.