On usual UNIX systems, a privileged user of root is allowedto acquire any user’s authority without authentication process. If anintruder obtains the root privilege by taking advantage of system’s securityhole, he can abuse network reachability of any user of the system tobreak into other sites. Thus we present a new system design where theauthority of users is protected from root by introducing a new user substitutionmechanism. However, even if we introduce the new mechanism,on usual UNIX systems, the intruder can get the authority using manyother methods for root. We implement the new user substitution mechanismand the mechanisms which prevent the intruder from using suchmethods in FreeBSD-4.2, and confirm that the system design is effective.
CITATION STYLE
Masui, K., Tomoishi, M., & Yonezaki, N. (2001). Design of unix system for the prevention of damage propagation by intrusion and its implementation based on 4 4BSD. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 2200, pp. 536–552). Springer Verlag. https://doi.org/10.1007/3-540-45439-x_37
Mendeley helps you to discover research relevant for your work.