Process Permissions
• Important note: processes running on behalf of user X have the permissions associated with X, not those of the program file's owner Y
• So if root owns ls, user aaron cannot use ls to peek at other users’ files
• Exception: the special permission “setuid” sets the user-id associated with a running process to the owner of the program file
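The rule on this slide, written out as an added example (not part of the original slides): a simplified model of which user ID a process runs under after executing a file, plus a scan that lists setuid files in a directory tree. The UID 1001 standing in for aaron, the file names and the helper names are constructed for illustration; the model ignores nosuid mounts and interpreter scripts.

```python
import os
import stat
import tempfile


def euid_after_exec(caller_uid, st):
    """Effective UID when caller_uid executes a file with stat result st.

    Simplified model: ignores nosuid mounts and interpreter scripts.
    """
    if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
        return st.st_uid      # setuid: run as the program file's owner
    return caller_uid         # default: run as the invoking user


def find_setuid(root):
    """Return sorted paths of regular files under root with the setuid bit set."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks
            if stat.S_ISREG(st.st_mode) and st.st_mode & stat.S_ISUID:
                hits.append(path)
    return sorted(hits)


def demo():
    """Build two constructed files, one plain and one setuid, and compare them."""
    caller = 1001  # constructed UID standing in for user "aaron"
    with tempfile.TemporaryDirectory() as d:
        plain = os.path.join(d, "ls_plain")
        suid = os.path.join(d, "tool_setuid")
        for p in (plain, suid):
            with open(p, "w") as f:
                f.write("constructed placeholder, never executed\n")
        os.chmod(plain, 0o755)
        os.chmod(suid, 0o4755)  # leading 4 = setuid bit; set after writing
        owner = os.stat(suid).st_uid
        return {
            "owner": owner,
            "plain_euid": euid_after_exec(caller, os.stat(plain)),
            "suid_euid": euid_after_exec(caller, os.stat(suid)),
            "audit": [os.path.basename(p) for p in find_setuid(d)],
        }


if __name__ == "__main__":
    print(demo())
```

Pointing `find_setuid` at a real directory such as /usr/bin gives the list of programs that run with their owner's permissions regardless of who invokes them.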
Disk Encryption
• Data storage medium is another security concern
  – Most file systems store data in the clear, rely on runtime security to deny access
  – Assumes the physical disk won’t be stolen
• The disk itself can be encrypted
  – Hopefully by using separate passkeys for each user’s files
  – (Challenge: how do you implement read access for group members?)
  – Metadata encryption may be a separate concern
Outline
• File systems overview
• NFS & AFS (Andrew File System)
• Google File System
Distributed Filesystems
• Support access to files on remote servers
• Must support concurrency
  – Make varying guarantees about locking, who “wins” with concurrent writes, etc.
  – Must gracefully handle dropped connections
• Can offer support for replication and local caching
• Different implementations sit in different places on complexity/feature scale
Distributed File Systems
• General goal: Try to make a file system transparently available to remote clients.
[Figure: (a) The remote access model: requests from the client access a remote file; the file stays on the server. (b) The upload/download model: 1. File moved to client; 2. Accesses are done on client; 3. When client is done, file is returned to server.]