(1) - PowerPoint PPT Presentation
Title: (1)
1
3 ???????
- (1) ??UNIX/Linux????
- 1)????????,???????????
- 2)????????????,????????????????????
- 3)???????????,??setuid/setgid?????????/etc/passed?
???????,????????????????setuid/setgid?????????????
??????uid/gid,????????????????(?????)?????uid/gid?
???????????????,??????????????????????,???????????
,???????????
2
(2) Linux???????
- 1)???????????????????????,??????????????????????
???????????????????? - 2)??????????????????,?????????????????
- 3)????????????????????,??????????????????????????
????????????????? - 4)???????????????????????
3
(1)Linux?????????
- ??????????????,?30?????,????????????????????????
???????????????????????????????????????????????
?????????????????????????????????????????????
???????????????????????????????????????????????
??????????????,???
4
(2)??Linux??????????????
- ??Linux???????????,????????????????????????,??????
??????????????,????????????,???????????????,??????
????
5
????????
- ???????????????,??????????,?????????????????????
??????,???????????????????????
6
1)????????
- ????????????,???exec?????,????????
- ??????????,???????????,?????????????
- ????????????????????,?????????
- ???????????,????????????????????????,?????????
???????????????(??,????????????),????????,?????TCB
?????????,??????????,???????????
7
2)?????
- ?fork??????,??????????????,???exec??????????,?
?????????????????????????????????????? - ?????(permitted privileges set)??????????
- ??????(inheritable privileges
set)??????exec????????????????? - ?????(effective privileges set)???????????
8
?????????
9
( 3)??????
- ??Linux???????????,???Linux/include/Linux/capa
bilities????????? - 1)CAP_MAC_READ ???????????????????
- 2)CAP_MAC_WRITE ???????????????????
- 3)CAP_AUDIT ????????????
10
(4)?????
- ?Linux????????,????????????????cap_
effective?cap_inheritable?cap_permitted????kernel_
cap_t??(??????)????????????(cap_effective)????????
??????,????????(cap_permitted)?????????????,??????
???(cap _inheritable)???????exec????????????kernel
_cap _t????????????,?32?,????????????????
11
(No Transcript)
12
(5)?????
- ?????????,???????????,??,??????????filepriv,??
????????? - devfidvalidfixed privilegesinher
privilegespath name?? - ??,dev??????????fid??????ID?valid??????????in
ode??????????????????fixed privilege???????inhe
r privilege????????path name?????????
13
4 ???????
- ????????????,????????????????
- 1)??????????
- 2)????????
- 3)???????????(????????????)
- 4)????
- 5)???????????????????????????
- 6)????????????????????????
14
???????
- ???????????????????????,???????????????,????????,?
???????????(??????)???????????????????????,??????
?????????????
15
?????
16
(4)??????
- 1)????????????????
- a)???????????????AEXEMPT??,?????,???????????
???????,???????????,?????????????????????,???????
???????task??? a_event??,?????????????????a_procem
ask,????? task???AUDITME??,??????
17
- b)????????????task???AUDITME??????,????????????
??????,???????????,???????????,???AUDITME???????
???? - c)?????????????????????????,?????????????????????
??????namei???,???task???AUDITME????,????????????(
??)????,??????,???? - ??,??????????????a_event,???????????????,????????
???????????????????,?????AUDITME??,?????
18
(6)???????????
- 1)????????
- ???????,???????,??????,???????????????????????
?????????,?????????????,???????(??????????????????
??)???????????MAC???????PAC,??????????????????
19
2)????????????
- ??????????????????????????????????,?????????MAC???
20
7.5.5 ????????????
- 1??????????
- ??????????????,???????????????????????,?????????
??????????????????????(1)???????????,???????????
????,????????,??????,???????????(2)??????????????
????,???????????????????,????????????????????????(
3)???????????????????,?????????????????????????,?
?????,?????????
21
2??????????
- (1)?????
- (2)??????
- (3)????
22
3??????????
- ??????1983?????????????????????TCSEC(Trusted
Computer System Evaluation Criteria),?????,??,????
??????????????,???????????????????????????????????
?,?????????????GB17859-1999?GB/T18336-2001????
23
TCSEC?????
- ????????????6?????,??,4???????,2?????????1-??????
?2-?????3-?????4-?????5-?????6-????? - ??6?????,TCSEC??????????????????????????????????
?????????????????????,?????????,??????????????????
?????????
24
4?7?????
- D?D?,??????,?????????
- C??????,
- C1????????
- C2???????????,??DAC??????
- B??????,
- B1????????,??MAC?????????
- B2??????,?????????,???MAC,???????????????????
???????? - B3?????,???????TCB??????????????????????
- A?A1?(?????),?????,??????????????
25
7.6 ??????????SELinux
26
(No Transcript)
27
(No Transcript)
28
(No Transcript)
29
7.7????Windows 2000/XP????
- Windows 2000/XP????????????????????????,??????????
????,??????????????????????????????Kerberos
5?????????Secure Sockets Layer 3.0?????EFS???????
30
(No Transcript)
31
(No Transcript)
32
(No Transcript)
33
(No Transcript)
34
(No Transcript)
35
(No Transcript)
36
7.7.1??????????
- 1?????
- ??Windows 2000/XP????????????????
- (1)???????(SRM)?????(NTOSKRNL.EXE)?????,??????????
???????????????????????????? - (2)??????(LSA)???????????LSASS.EXE??????,?????????
???(??????????????????????????????????????????)???
??????????????????????
37
- (3)LSA?????????????????????????,?????????????HKEY-
LOCAL-MACHINE/security??????????????????????????
?????????????(????????????)?????????????????????
? - (4)????????????????????????,??????????????????(???
??????)???????SAM?LSASS???????????
38
- (5)SAM?????????????????????????????,?????HKEY-LOCA
L-MACHINE\SAM???????? - (6)??????????????MSV1_0??????(DLL),???Windows
?????LSASS????????????DLL????????????????SAM??????
????,????,??????????
39
- (7)??????????WINLOGON.EXE??????,???????????,????LS
A??????,???????????????? - (8)???????????????????SERVICES.EXE????????????????
??????,?????????LSASS???????
40
2????
- ?????????WinLogon?LSA???????SAM????????
- ???????,?????,??????????,?LSA??????????msv1_0?????
???SAM???????,???????,msv1_0????????SAM???????????
????????????,LSA?????????,???SID??SID???????????,?
?,????????????,???????????,???????????????????????
?????????????????????????????
41
7.7.2 ????
- 1 ????
- ???????????????????,??????????????????????????????
??????????????????????????????????????????????????
??
42
2??????
- ???????????????????????,????ID(SID),???????????/?
???????????????,????????????????????????????,????
?????????????????????? - ?????????????,??,??????,???????????????????,?????
?????????????????????????? - ???????????????????????,?????????????????
43
Windows 2000/XP?????
44
5 ACL???
- ??????????ACL,?????????????,???
- ?1???????????,????????????,????????????????
- ?2??????????????,??????,???????????????????????,?
??????ACE??????????,??????????????????????????????
ACE,????????ACL,???????? - ?3??????????,?????????????????ACL,???????????????
???,????LSA?SAM????????????????????DACL?
45
6??????
- ????????????????,????ACL??ACE?????????????????????
(1)??????DACL,???????,????????????(2)
????????????,??????DACL????????????(3)
????????????,???????????DACL??????(4)??????????ACE
,???????????????????SID,?ACE??????????????????(5)?
?????????ACE,???????????????????SID,????????,??ACE
??????????????????????
46
7????
- ??????16?,???????????????????????????0??File_read_
data??,??????0??Event_query_status???
47
48
7.7.3 ????
- Windows????????????????????????????????????????
??????????????????????????????????????????????????
?,??????????,????????????????????????????????????
???????,???????????,??????????????????????????????
???,??????????????????????????????????????????
49
7.7.4 ??????
- ??????EFS(Encrypted File System)?NTFS????????,????
????EFS????????????,?????????????FEK(File
encryption Key)???????????DES(Data Encryption
Standard)??--DESX???????????????????????????????
50
EFS????
51
EFS????
Recommended
CrystalGraphics Presentations
