CS360 Midterm -- October 18, 2000. Question 3: Answer and grading

7 Points

Answer

Let's suppose your username is dge, (standing for ``disgruntled employee.''

You want to run bbbf using your Boss's user id. Sounds like a job for the setuid bit. So, while you are still logged into your boss's account, you do:

BOSS> chmod 04755 bbbf

This means that anyone can run bbbf, and it will delete all of the boss's files.

Next, you want to make it so that the boss can't get at this program, but you can. So what you do is make a directory in your own home area, and make it so that anyone can write a file to it. From your account, you do the following:

YOU> mkdir evil_directory
YOU> chmod 0777 evil_directory

Now, from the boss's account, move bbbf to that directory. This is possible because you protected it so that anyone can write to it.

BOSS> mv bbbf /home/dge/evil_directory

And the last step is for you to protect evil_directory so that your boss cannot access files there:

YOU> chmod 0700 evil_directory

Now you're done. Whenever you want, you can run bbbf to delete your boss's files, and he is powerless to do anything about it, unless he can get root access (or access to your account), so that he can get into evil_directory get rid of bbbf.

Grading

This question required some creative thinking. I didn't accept anything but the above -- none of your variants fit the rules. Here is the breakdown of grading:

If you simply ran bbbf from the boss's directory while he was out of the office, you got zero points. Sorry.
If you set the setuid bit of bbbf, you got 2 points.
If you said that you later ran this from your account, you got another 2 points.
If you tried to hide the file, you got one more point.
If you hid it well, you got the final two points.

Deductions:

Setting the setuid bit on all files instead of just bbbf: -1
Getting the hiding part right, but missing the setuid bit: -1