Lab 04. Access Control | Báo cáo thực hành môn An toàn thông tin Trường đại học sư phạm kỹ thuật TP. Hồ Chí Minh
Access control refers to the ability of a user to access a particular object and possibly modify it. In terms of operating systems, access control refers to the ability of a user to read, write or execute a certain file or folder. In this lab, you shall study the access control framework for Microsoft Windows and UNIX-based platforms. Tài liệu giúp bạn tham khảo, ôn tập và đạt kết quả cao. Mời bạn đọc đón xem!
Môn: An toàn thông tin (INSE330380)
Trường: Đại học Sư phạm Kỹ thuật Thành phố Hồ Chí Minh
Thông tin:
Tác giả:
Thông tin :
Môn:
An toàn thông tin (INSE330380)
Trường:
Đại học Sư phạm Kỹ thuật Thành phố Hồ Chí Minh
Tác giả:
Tài liệu liên quan:
Preview text:
Lab 04. Access Control
Access control refers to the ability of a user to access a particular object and possibly
modify it. In terms of operating systems, access control refers to the ability of a user to
read, write or execute a certain file or folder. In this lab, you shall study the access control
framework for Microsoft Windows and UNIX-based platforms. Submission:
You will compose a lab report that documents each step you take, including screenshots to illustrate the
effects of commands you type, and describing your observations. Simply attaching code without any
explanation will not receive credits Time duration: 1 week
1. Use the chmod command on Linux
su: Set-UID, sg: Set-GID, t: sticky -
Some options of the chmod command:
$chmod u+w = add write to *user*
$chmod g-rw = remove read and write from *group*
$chmod o-rwx = remove read, write and execute from *other*
$chmod a+w = add write to *all*
$chmod a-wx = remove write and execute from *all* $ chmod -R 755 myfolder
Note: -R . It allows you to modify objects recursively, changing permissions on all
objects in a directory and its subdirectories - Linux file system permissions: o Create 3 users
Firstly, I use the adduser command to create three users:
sudo adduser newuser1
sudo adduser newuser2
sudo adduser newuser3 o
Create 3 (files or folders)
Create three files or folders using touch or mkdir command:
-create file1 with newuser1 as owner
touch file1
-create file2 with newuser2 as owner
touch file2
-create file3 with newuser3 as owner
touch file3 o
Use the chmod command to change the permissions on these files or folders
-Give newuser1 write permission on file1:
chmod u+w file1
->now we can see user1 got write permission
-Remove read and write permissions from the group on file2:
chmod g-rw file2
->we can see now the group have the read and write permission
-Remove read, write, and execute permissions from others on file3: chmod o-rwx file3
-now others like newuser1 or 2 can not read execute or write file3
2. Use the NTFS permission on Windows -
Create 3 users: Alice, John, Julie - Create folder: Data - Permissions: o
Alice has full permissions on the folder Data o
John has only read permissions on the folder Data o
Julie has no permissions on the folder Data
-right-click on the "Data" folder and select "Properties". -Go to the "Security" tab.
-Click on "Edit" to change permissions.
-Click on "Add" to add the users (Alice, John, and Julie).
-Select each user and set their permissions:
-For Alice, click on her name, then check the "Allow" box next to "Full control".
-For John, click on his name, only choose "Read".
-For Julie, click on her name, then check the "Deny" to "Full control".
After setting permissions, click "Apply" and then "OK" to close the properties window.
Right-click on the "Data" folder again and select "Properties".
Go to the "Security" tab to verify that permissions are correctly set for each user.
-John: only have read permission -while alice have full control
-lastly julie have no permission at all