INFR3610U – Take-Home Final Exam (Winter 2020) Due: April 20th, 11:59pm Instructions: · Submit your written answers directly in this document (and rename it “Lastname_firstname”, in Word or PDF...

no quesitons



INFR3610U – Take-Home Final Exam (Winter 2020) Due: April 20th, 11:59pm Instructions: · Submit your written answers directly in this document (and rename it “Lastname_firstname”, in Word or PDF format) through BlackBoard. It is your responsibility to verify that the assignment was properly submitted through BlackBoard by the deadline. · To ensure all students have access to the same information, the instructor and TA will not be answering questions about the exam content or questions. For all questions, if you are unsure of how to proceed, state in writing any reasonable assumptions you think are necessary, and proceed to answer the question. Assumptions will be considered in grading. · The exam has 105 points and 24 BONUS points. · This exam is open-book and open-Internet; however, you may not consult with any other people about the contents of this exam. This exam is to be completed and written up individually. · You must begin the exam by reading, understanding, and signing the declaration below on this first page. · IMPORTANT: For all questions that require something to be named “_somelabel”, make sure you replace Firstname with your own first name, and Lastname with your own last name (e.g., for this course instructor it would be Julie_Thorpe_somelabel). · Good luck! Declaration: As a member of the Ontario Tech University community, I share our community’s commitment to the highest standards of academic integrity and excellence in all dimensions of our work. I therefore promise that I will not lie, cheat, or use any unauthorized aids or assistance to complete any of my essays, assignments, and exams. I further promise that I will not offer any unauthorized assistance to any of my fellow students, and I promise that I will not ask any of my fellow students for unauthorized assistance. I promise that the work I submit is my own and that where I have drawn on the work of others, I have included proper attribution for my sources. Signed, Name:______Terron Turner_______________________, Student Number:____100566254___________, April 20, 2020, INFR 3610 1. (10 points) Suppose a Linux operating system has two users: _Bob and _Eve who do not belong to the same group._Bob’s home directory has the permissions of “drwx--x--x” and contains a folder called “confidential” with permissions of “drwx--xr-x”, which in turn contains a file called “keys.txt”. The “keys.txt” file has the permissions of “-rw-rw-rw-“. a. (3 points) Set up this scenario on a Linux system. Provide a screenshot that shows the file and folder’s permissions, as well as their ownership. b. (2 points) Provide a screenshot demonstrating whether or not _Eve can read and write to keys.txt if she knows the location (full path) of the file. c. (2 points) Provide a screenshot demonstrating whether or not _Eve can list the contents of the confidential directory if she knows its location (full path). d. (3 points) Set the permissions of the home directory to ensure that (1) _Eve cannot read and write to the file and (2) _Eve cannot verify that the file exists. Provide a screenshot that shows the relevant permissions you have changed. 2. (10 points) On a Windows system, under “HKLM\ \SOFTWARE\Microsoft\Windows\CurrentVersion\Run”, create a registry subkey called FirstName_LastName_OSSec. Set up auditing for this registry subkey (FirstName_LastName_OSSec) to report modifications from “Everyone”. Next, create a new subkey under FirstName_LastName_OSSec called FirstName_LastName_AuditTest. Finally, open up Event Viewer and locate the registry logs related to the creation and/or access of FirstName_LastName_AuditTest, and take a screenshot showing at least one of these logs (the screenshot must show your new key name, which contains your name). Provide your screenshot, and explain what benefit someone could gain from auditing registry subkeys under HKLM\ \SOFTWARE\Microsoft\Windows\CurrentVersion\Run. Figure 1: Snippet of an SELinux policy to interpret (assume the policy contains all necessary information to allow compilation, e.g., a correct require block). 3. (21 points) For the partial SELinux policy provided in Figure 1, assuming that it applies to a target application vulnerableapp that has a binary file labelled with type “exam_exec_t”, circle the correct answer for the following questions: a. (2 points) Will vulnerableapp run in its own domain? (yes/no) b. (2 points) Is vulnerableapp allowed to print to stdout (i.e., to the terminal screen)? (yes/no) c. (2 points) Can vulnerableapp append to files in another user’s home directory (if the Linux permissions allow it)? (yes/no) d. (2 points) Can vulnerableapp read files in another user’s home directory (if the Linux permissions allow it)? (yes/no) e. (2 points) Can vulnerableapp read files belonging to another application that are labeled unconfined_t (if the Linux permissions allow it)? (yes/no) f. (2 points) Can vulnerableapp read files belonging to another application that are labeled lib_t (if the Linux permissions allow it)? (yes/no) g. (2 points) Can vulnerableapp append to files of type user_home_t that have another MCS category than vulnerableapp? (yes/no) h. (2 points) Will an application labeled with type user_home_t be able to be started from vulnerableapp? (yes/no) i. (5 points) On a Linux system with SELinux enabled, create a new file called _secretfile.txt. Set the file’s access control such that the file can theoretically be accessed by the passwd program. Provide a screenshot that shows the resulting SELinux and Linux access control information for _secretfile.txt. Figure 2: Linux permissions to interpret. 4. (14 points) Given the files and their Linux permissions shown in Figure 2, assuming bob is another user on the system, answer the following questions by circling the correct answer: a. (1 point) Can ‘app’, if run by eve, read ‘fileC’? (yes/no) b. (1 point) Can ‘script’, if run by eve, read ‘fileC’? (yes/no) c. (1 point) Can ‘app’, if run by eve, read ‘fileB’? (yes/no) d. (1 point) Can ‘script’, if run by eve, read ‘fileB’? (yes/no) e. (1 point) Can ‘app’, if run by bob, write to ‘fileC’? (yes/no) f. (1 point) Can ‘script’, if run by bob, write to ‘fileC’? (yes/no) g. (1 point) Can ‘app’, if run by bob, read ‘fileA? (yes/no) h. (1 point) Can ‘script’, if run by bob, read ‘fileA’? (yes/no) i. (1 point) Can ‘app’, if run by julie, read ‘fileC? (yes/no) j. (1 point) Can ‘script’, if run by julie, read ‘fileC’? (yes/no) k. (1 point) Can ‘app’, if run by julie, read ‘fileA? (yes/no) l. (1 point) Can ‘jscript’, if run by julie, write ‘fileA’? (yes/no) m. (1 point) Can ‘jscript’, if run by julie, read ‘fileB? (yes/no) n. (1 point) Can ‘script’, if run by julie, read ‘fileB’? (yes/no) 5. (8 points) A Windows system has a file named ‘CriticalConfigs.dat’, and an access control list with the following access control entries: · (ACE1- Allowed: SuperUsersGroup – Read & Execute, Write) · (ACE2- Denied: Eve – Write) · (ACE3 - Allowed: PowUsersGroup – Traverse Folder/Execute File, List Folder/Read Data) · (ACE4 – Denied: Merv – Traverse Folder/Execute File) · (ACE5 – Denied: Oscar – Traverse Folder/Execute File) · (ACE6 – Denied: PowUsersGroup – Delete) Please indicate whether each of the following statements are True (T) or False (F) by circling the correct answer: a. (1 point) User ‘Alice’, who belongs to the ‘SuperUsersGroup’, would be able to write to CriticalConfigs.dat. (T/F) b. (1 point) User ‘Eve’, who belongs to the ‘SuperUsersGroup’, would be able to write CriticalConfigs.dat. (T/F) c. (1 point) User ‘Bob’, who belongs to a group called ‘UsersGroup’, would be able to read CriticalConfigs.dat. (T/F) d. (1 point) User ‘Merv’, who belongs to the ‘PowUsersGroup’, would be able to read CriticalConfigs.dat. (T/F) Now imagine that the same Windows system described above has ‘CriticalConfigs.dat’ contained in a folder named ‘SensitiveFiles’, which has an access control list containing the following access control entries: · (ACE1- Denied: SuperUsersGroup – Read & Execute, Write) · (ACE2 - Allowed: PowUsersGroup – Full Control) · (ACE3 - Allowed: Eve – Full Control) Assume that the permissions that ‘CriticalConfigs.dat’ inherits from ‘SensitiveFiles’ are not explicitly propagated. Please indicate whether each of the following statements are True (T) or False (F) by circling the correct answer: e. (1 point) User ‘Alice’, who belongs to the ‘SuperUsersGroup’, would be able to write to CriticalConfigs.dat. (T/F) f. (1 point) User ‘Eve’, who belongs to the ‘SuperUsersGroup’, would be able to read CriticalConfigs.dat. (T/F) g. (1 point) User ‘Oscar’, who belongs to the ’PowUsersGroup’, would be able to write CriticalConfigs.dat. (T/F) h. (1 point) User ‘Oscar’, who belongs to the ‘PowUsersGroup’, would be able to execute CriticalConfigs.dat. (T/F) 6. (10 points) Recall Gingerbreak, the Android root exploit that exploited a vulnerability in the vold daemon. Explain, in your own words, two of the ways that SEAndroid prevented the exploit from working. (Write 2 bullet points, which can contain 2-3 sentences each). 7. (15 points) Explain, in your own words, the relationship between the Lattice model, KVM’s use of SELinux, and Android’s use of SELinux. (Max answer length: 1 paragraph) 8. (BONUS: 10 points) Explain, in your own words, how a covert channel can be used on an Android phone to subvert the SELinux permissions/access control model used. Ensure your explanation contains (a) the threat model, (b) a technical description of the covert channel and how it would work, and (c) an example of data it might try to transmit. (Max answer length: 2 paragraphs). 9. (14 points + 14 BONUS points) The table on the next page provides a summary of the seven questions we use for discussing the security of a given operating system. Answer the questions according to the instructions below for Windows and SELinux; correct answers for Android and ImaginaryOS will result in BONUS points. ImaginaryOS is a hypothetical operating system that has the following known evaluation results: i. Has recently been evaluated to have EAL 7 using a Protection Profile that is currently unpublished (so is unknown). ii. Was previously evaluated to have level B2 using the Orange Book levels. For each question, in the table, provide a single answer using the following legend. Note that what you write in each cell should indicate that your answer provides a positive point towards answering the question (i.e., ‘Y’) or a negative point towards answering the question (i.e., ‘N’). For example, if (j) below is positive, you would answer Y-(j) in the table cell(s) for which it is your