Changes between Version 93 and Version 94 of EducationalAssignments/SecurityLayerPartOne

Changes between Version 93 and Version 94 of EducationalAssignments/SecurityLayerPartOne

Please note that these Trac pages are no longer being updated. Wiki contents/documentation have moved to GitHub.

Changes between Version 93 and Version 94 of EducationalAssignments/SecurityLayerPartOne

Please note that these Trac pages are no longer being updated. Wiki contents/documentation have moved to GitHub.

Changes between Version 93 and Version 94 of EducationalAssignments/SecurityLayerPartOne

Show
Ignore:
Timestamp:
05/19/12 06:05:49 (7 years ago)
Author:
ericms
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • EducationalAssignments/SecurityLayerPartOne

    v93 v94  
    4646{{{python preparetest.py -t [destdir]}}} 
    4747 
     48Please note, the directory you decide to unpack the files to show be the directory you use to run all your code!  Please save all files you intend to run in this directory.   
    4849Finally use the command found below in order to run repy files: 
    4950 
     
    6162 * command line errors: 
    6263 
    63 '''restrictions.default is missing:''' In the above command line call, you must have `repy.py`, restrictions.default encasementlib.repy, the security layer and the program you want to run in the current working directory.  If any or all of the above files are not in that directory then you will not be able to repy files.  Upon initial installation `restrictions.default` is often missing from the directory where `repy.py` is installed.  You must simply find it by searching through your repy files and copy/paste it into the current working directory.  A copy of `restrictions.default` exists in the directory ...\repy_v2\repy\tests. 
    64  
    65 '''encasementlib.repy is missing:''' It might also be the case that you are missing `encasementlib.repy` from the working directory.  It can be found in ...\repy_v2\repy\pre 
     64'''restrictions.default is missing:''' In the above command line call, you must have `repy.py`, restrictions.default encasementlib.repy, the security layer and the program you want to run in the current working directory.  If any or all of the above files are not in that directory then you will not be able to repy files.  It is likely you are trying to run repy files from the wrong directory, if this is the case.  Since `repy.py` exists in multiple directories, it is possible to run `.repy` files from other than the the one you are supposed to use.  However, this will always cause an error.   
    6665 
    6766 * Downloading the wrong version of seattle: 
    6867 
    69 Seattle is operating system dependent.  If you download the windows version, you need to use the windows command line.  For windows 7 this is powershell.  You can open a new terminal by going to start, search, type powershell.  If you downloaded the linux version you must use either cygwin or a linux OS.   
     68Seattle is operating system dependent.  If you download the windows version, you need to use the windows command line.  For windows 7 this is powershell.  You can open a new terminal by going to start, search, type powershell.  If you downloaded the linux version you must use a linux OS.   
    7069 
    7170Advanced trouble shooting: 
     
    9392 
    9493{{{ 
    95 # Repy V2 Security Layer Sample - Methods - Code 
    96 # no_first_byte.repy 
    97  
    98 # Defining constants for later use 
     94""" 
     95This security layer interposes on a textfile  
     96and gives it open, close, read and write access. 
     97However, a user cannot start the document with the letters, 
     98MZ. 
     99If a user tries to the security layer will raise an exception. 
     100Note: 
     101        This security layer uses encasementlib.repy, restrictions.default, repy.py and python 
     102        Also you need to give it an application to run. 
     103        This security layer never runs explicitedly but instead interposes functions 
     104        from above layers. 
     105         
     106        """      
     107         
     108BUFFER = [] 
     109         
    99110TYPE="type" 
    100111ARGS="args" 
     
    105116OBJC="objc" 
    106117 
    107  
    108 # Creating our class 
    109 class NoFirstByteFile(): 
    110   def __init__(self,file): 
    111     self.file = file 
    112  
    113   def readat(self,bytes,offset): 
    114     return self.file.readat(bytes,offset) 
    115  
    116   def writeat(self,data,offset): 
    117     if data.startswith("MZ") and (offset == 0):    
    118       raise ValueError("Cannot start file with MZ!") 
    119     else: 
    120       return self.file.writeat(data,offset) 
    121  
    122   def close(self): 
    123     return self.file.close() 
    124  
    125 # Creating the mappings for our class  
    126  
    127 sec_file_def = {"obj-type":NoFirstByteFile, 
    128                 "name":"NoFirstByteFile", 
    129                 "readat":{TYPE:FUNC,ARGS:((int,long,type(None)),(int,long)),EXCP:Exception,RETURN:str,TARGET:NoFirstByteFile.readat}, 
    130                 "writeat":{TYPE:FUNC,ARGS:(str,(int,long)),EXCP:Exception,RETURN:None,TARGET:NoFirstByteFile.writeat}, 
    131                 "close":{TYPE:FUNC,ARGS:None,EXCP:None,RETURN:(bool,type(None)),TARGET:NoFirstByteFile.close} 
    132                } 
    133  
    134 # Creating a new version of openfile so it creates a NoFirstByteFile object, instead of a normal file. 
    135 def openfile_restricted(look.txt, create): 
    136   f = openfile(look.txt,create) 
    137   return NoFirstByteFile(f) 
    138          
    139 # Mapping openfile to our new version of openfile 
    140 CHILD_CONTEXT_DEF["openfile"] = {TYPE:OBJC,ARGS:(str,bool),EXCP:Exception,RETURN:sec_file_def,TARGET:openfile_restricted} 
    141  
    142 # Dispatch 
     118class SecureFile(): 
     119        def __init__(self,file): 
     120                self.file = file 
     121 
     122        def readat(self,bytes,offset): 
     123                BUFFER.append("SecureFile.readat") 
     124                return self.file.readat(bytes,offset) 
     125 
     126        def writeat(self,data,offset): 
     127                BUFFER.append("SecureFile.writeat") 
     128                if data.startswith("MZ") and (offset == 0):      
     129                        raise ValueError("Cannot start file with MZ!") 
     130                else: 
     131                        BUFFER.append("SecureFile.writeat") 
     132                        return self.file.writeat(data,offset) 
     133         
     134        def close(self): 
     135                BUFFER.append("SecureFile.close") 
     136                return self.file.close() 
     137         
     138         
     139sec_file_def = {"obj-type":SecureFile, 
     140                    "name":"SecureFile", 
     141                    "readat":{TYPE:FUNC,ARGS:((int,long),(int,long)),EXCP:Exception,RETURN:str,TARGET:SecureFile.readat}, 
     142                    "writeat":{TYPE:FUNC,ARGS:(str,(int,long)),EXCP:Exception,RETURN:(int,long),TARGET:SecureFile.writeat}, 
     143                    "close":{TYPE:FUNC,ARGS:None,EXCP:None,RETURN:(bool,type(None)),TARGET:SecureFile.close} 
     144                   } 
     145 
     146def secure_openfile(filename, create): 
     147  BUFFER.append("openfile") 
     148  f = openfile(filename,create) 
     149  return SecureFile(f) 
     150 
     151CHILD_CONTEXT_DEF["openfile"] = {TYPE:OBJC,ARGS:(str,bool),EXCP:Exception,RETURN:sec_file_def,TARGET:secure_openfile} 
     152 
    143153secure_dispatch_module() 
    144154 
     155 
    145156}}}  
    146157 
    147158=== Using the example layer === 
    148159 
    149 It is important to keep in mind that only lowercase file names are allowed.  So  in the above code, specifically: 
    150  
    151 {{{ 
    152  
    153 # Creating a new version of openfile so it creates a NoFirstByteFile object, instead of a normal file. 
    154 def openfile_restricted(look.txt, create): 
    155   f = openfile(look.txt,create) 
    156   return NoFirstByteFile(f) 
    157  
    158 }}} 
    159  
    160 look.txt is a valid file name, however Look.txt is not.  Examples of other invalid files names are, look@.txt, look/.txt, and look().txt.  Essentially all non-alphanumeric characters are not allowed.   
    161160 
    162161Keep in mind the above security layer would only stop one kind of attack.  Thus if an attacker doesn't know much about file input/output this will probably stop them.  However there are a bunch of tricks that can be used in order to circumvent this security layer easily.  For instance, the above reference monitor isn't thread safe.  For an introduction to thread safety please read [http://en.wikipedia.org/wiki/Thread_safety wiki/Thread_safety].   
     
    178177{{{ 
    179178# Open a file 
    180 myfile=openfile("something.txt",True) 
     179myfile=openfile("look.txt",True) 
    181180  
    182181# Attempt to write "MZ" to the file 
    183182try: 
    184   myfile.writeat("MZ",0) 
     183        myfile.writeat("MZ",0) 
    185184  
    186185# It raised an Exception (as it was supposed to): 
     
    188187  log("The security layer correctly blocked the write!!!") 
    189188  
    190 # No Exception was raised: 
     189# No Exception was raise 
    191190else: 
    192191  log("Wrote an MZ!!!") 
     
    194193finally: 
    195194  # Close the file after our attempt. 
    196   myfile.close() 
     195        myfile.close() 
    197196}}} 
    198197 
     
    200199 
    201200==== Code Analysis ==== 
     201It is important to keep in mind that only lowercase file names are allowed.  So  in the above code, specifically: 
     202 
     203{{{ 
     204 
     205# Open a file 
     206myfile=openfile("look.txt",True) 
     207 
     208}}} 
     209look.txt is a valid file name, however Look.txt is not.  Examples of other invalid files names are, look@.txt, look/.txt, and look().txt.  Essentially all non-alphanumeric characters are not allowed.   
     210 
    202211This code attempts to write "MZ" to the file directly.  First the file is opened using 
    203 `myfile=openfile("something.file",True)`.  Next `myfile.writeat("MZ",0)` tries to write "MZ" to the file.  The 0 refers to an offset of zero.  The `try:` statement tells the program to "try" this case.  Notice that the `except` is executed if an error is raised.  If the security layer fails the test then the else statement is executed.  The `finally:` statement will always run, closing the file. 
     212`myfile=openfile("look.txt",True)`.  Next `myfile.writeat("MZ",0)` tries to write "MZ" to the file.  The 0 refers to an offset of zero.  The `try:` statement tells the program to "try" this case.  Notice that the `except` is executed if an error is raised.  If the security layer fails the test then the else statement is executed.  The `finally:` statement will always run, closing the file. 
    204213[[BR]] 
    205214=== Running your security layer ===