Lecture 4: Privilege Separation

From MIT 6.858

Written lecture notes

Privilege separation is employed in...

OKWS - OkCupid's web server
Google Chrome
SSH daemon
UNIX

Background: protection in UNIX

Principals are entities that want access to objects
In UNIX, typical principals are user IDs and group IDs (32 bit integers)
Every process has a user ID (uid) and a list of group IDs (gid + grouplist)
Superuser principal (root) has a uid of 0
In what operations does UNIX enforce access control?
- Files, directories
  - File operations: read, write, execute, change perms
  - Directory operations: lookup, create, remove, rename, change perms

... (incomplete)