GitHub - Horse-G/Secure-File-System

Branches Tags

Name		Name	Last commit message	Last commit date
Latest commit History 4 Commits
keychain		keychain
.DS_Store		.DS_Store
README.txt		README.txt
a.out		a.out
encrypt.c		encrypt.c
makefile		makefile
makefile 2		makefile 2
objget.c		objget.c
objgetacl.c		objgetacl.c
objlist.c		objlist.c
objput.c		objput.c
objsetacl.c		objsetacl.c
objtestacl.c		objtestacl.c
test.acl		test.acl
testfile.txt		testfile.txt

Repository files navigation

----user name---|---password---|----------------note----------------
     tinyvm     |   security   |   system file owner, non-previleged
	 u1     |   security1  |   normal user,non-previleged
	 u2     |   security2  |   intruder,non-previleged
	 
system file objput and objsetacl are set as setuid program as they involve writing previlege which was not granted to a normal executable binary.
As the principle of "least previlege" is adapted, the system only grant previlege to as few files as possible to minimize the possibility of system screw up by potential compromised use.