In Figure17.9, we rely on the ownership of the socket to identify the client. Describe one way to improve this check.

What will be an ideal response?


One way to strengthen the check is to see if the POSIX_CHOWN_RESTRICTED option is enabled. If so, then an unprivileged user can’t change the ownership of the socket to some other user.Ifnot, the server could requirethat the client send it a cleartext password, encrypt it, and see if it matches that user’s entry in /etc/passwd.Onsystems that hide the password in a shadow ?le, the server would need superuser privileges to gain access to the encrypted password. Alternatively,the server could be designed to use a separate password?le that users need to register a password in using a command that is set-user-ID to root, similar to passwd(1). This would remove the need to have the server run with superuser privileges, as long as it could read the password?le.

Computer Science & Information Technology

You might also like to view...

A database that contains a collection of associated tables is called a _________.? A. graph database B. relational database C. parallel database D. online database

Fill in the blank(s) with the appropriate word(s).

Computer Science & Information Technology

In the following line: hr {color: #00448877}, what is the property?

What will be an ideal response?

Computer Science & Information Technology

Case-Based Critical Thinking Questions ?Case 6-2 Keira is presenting a PowerPoint 2016 presentation over the Internet for the first time. She is conducting a "trial run" of her presentation by showing it over the Internet to a few of her co-workers. To present a slide show online, once Keira is on the right tab, she goes to the Start Slide Show group, and clicks the ____ button to open the Present Online dialog box.

A. Broadcast B. Present Online C. Present Now D. Web Presentation

Computer Science & Information Technology

____________________ is area on a web page that contains no text or graphics.

Fill in the blank(s) with the appropriate word(s).

Computer Science & Information Technology