Describe a good solution to the problem of having a group of students collaborate on a software construction project using the directory of one of the group members in such a way that it would be difficult for nonmembers to discover and would not require the help from a system administrator, assuming that the only access rights the group leader can modify are those for "everyone.". You may assume
that access rights for directories are "read," "write," and "exec," where "read" means the files and subdirectories in that directory can be listed, "write" means members of that directory can be inserted, deleted, or renamed, and "exec" on a directory or subdirectory means the user can change his location to that directory or subdirectory so long as he specifies its exact name.
What will be an ideal response?
Create a directory, foo, in the home directory, which does not have read access
rights for everyone, but has exec rights for everyone. Then put a subdirectory inside foo
with a random name. Alternatively, its name could be the output of a cryptographic hash
of each day's date and a key that is shared by all the team members. So the name of the
subdirectory is either random or pseudo-random and is known only to the team members,
and no outsider could easily guess this name. Make the access rights for this subdirectory
be read, write, and exec for everyone. Since the foo directory is not readable, no outsiders
can list its contents and see the name of this important subdirectory. But since the team
members all know its name, they can change their location to that directory and do their
work.
You might also like to view...
The member function eof() is (true/false) when we are ready to read the end of file character.
Fill in the blank(s) with the appropriate word(s).
What connectivity type would be best for a printer that needs 24/7 access by employees?
A) RJ-11 B) RJ-45 C) USB D) eSATA
Which of the following system utilities can be used to troubleshoot startup programs or services in Windows?
a. MSConfig b. System Information c. Device Manager d. Command Prompt
In which of the following attacks does an attacker install a fake communication tower between two authentic endpoints with the intention of misleading a user and interrupting the data transmission between the user and real tower to hijack an active session?
A. Rogue AP attack B. Key reinstallation attack C. Wardriving D. aLTEr attack