COSC 352
Information Assurance
Spring, 2002
Homework #3
Password Processing
Due March 14, 2002, prior to class

For this assignment, you will be writing a program that provides password access to a file on a Unix system.

We have seen that Unix uses the suid bit on files to provide a method of changing domains. Programs that need to run at a privilege level that is higher that that of an individual user are often owned by root and have the suid bit set, so that when they run, they run with root's privilege level.

It is possible for others to provide access to their user domain using suid programs as well. For this project, what you are going to do is write a suid program that will allow others to access a file in your account on a Unix system.

Each of you should have an account on GUSUN or CSSUN, and and you may write your program in either C or C++ on one of those machines.

To test your program, you can suid it to your own name and have some one else run it, or run it yourself from a friend's account. If you can't find someone to test it, mail the instructor and he will test it for you, or come by office hours.To make your program suid:

See the chmod man page for more information.

When done testing it, I recommend that you unset the suid bit by doing chmod -s <user_name>.exe. This is more secure for the files in your account.

You will mail the instructor a tar file containing the source code, the executable, some text file to be accessed, and any configuration files you require. Please do not send object files that are not needed. Projects are due before class on March 14th, 2002.

References that might prove useful include:

Advanced Programming in the UNIX Environment, by W.R. Stevens. If it is not in the library, or if you don't have a copy, the instructor has a reference copy he will lend for short periods of time.