Title | ||
---|---|---|
Design of UNIX System for the Prevention of Damage Propagation by Intrusion and Its Implementation Based on 4.4BSD |
Abstract | ||
---|---|---|
On usual UNIX systems, a privileged user of root is allowed to acquire any user's authority without authentication process. If an intruder obtains the root privilege by taking advantage of system's security hole, he can abuse network reachability of any user of the system to break into other sites. Thus we present a new system design where the authority of users is protected from root by introducing a new user substitution mechanism. However, even if we introduce the new mechanism, on usual UNIX systems, the intruder can get the authority using many other methods for root. We implement the new user substitution mechanism and the mechanisms which prevent the intruder from using such methods in FreeBSD-4.2, and confirm that the system design is effective. |
Year | Venue | Keywords |
---|---|---|
2001 | ISC | network reachability, unix system, root privilege, damage propagation, authentication process, new mechanism, security hole, usual unix system, new system design, privileged user, new user substitution mechanism, system design |
Field | DocType | ISBN |
---|---|---|
Intrusion, Authentication, Computer science, Systems design, Unix, Reachability, System call, Operating system, Distributed computing, The Internet | Conference | 3-540-42662-0 |
Citations | PageRank | References |
---|---|---|
0 | 0.34 | 8 |
Authors | ||
---|---|---|
3 |
Name | Order | Citations | PageRank |
---|---|---|---|
Kenji Masui | 1 | 16 | 3.18 |
Masahiko Tomoishi | 2 | 7 | 6.18 |
Naoki Yonezaki | 3 | 107 | 20.02 |