diff options
Diffstat (limited to 'security/advanced/frm_process_thread.tex')
| -rw-r--r-- | security/advanced/frm_process_thread.tex | 113 |
1 files changed, 113 insertions, 0 deletions
diff --git a/security/advanced/frm_process_thread.tex b/security/advanced/frm_process_thread.tex new file mode 100644 index 0000000..b58a452 --- /dev/null +++ b/security/advanced/frm_process_thread.tex @@ -0,0 +1,113 @@ +% ---------------------------- +\subsubsection{Process Isolation} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Why isolating tasks?} +\begin{figure}[h] +\centering +\includegraphics[width=5cm]{images/multithread_norm.png} +\end{figure} +\end{frame} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multithreaded Application under attack} +\begin{figure}[h] +\centering +\includegraphics[width=5cm]{images/multithread_attack.png} +\end{figure} +\end{frame} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multi-process vs. Multi-thread} +\begin{figure}[h] +\centering +\includegraphics[width=8cm]{images/multiproc_norm.png} +\end{figure} +\end{frame} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multi-process under attack} +\begin{figure}[h] +\centering +\includegraphics[width=8cm]{images/multiproc_attack.png} +\end{figure} +\end{frame} + +% ---------------------------- +\subsubsection{Memory Management} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Memory Manangement} +\begin{itemize} +\item create process context +\item overload VMA +\end{itemize} +\begin{figure}[h] +\centering +\includegraphics[width=8cm]{images/proc_isol.png} +\end{figure} +\end{frame} + +% ---------------------------- +\subsubsection{Multiprocess Programming} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multiprocess Programming} +\begin{columns}[onlytextwidth] + \begin{column}{0.45\textwidth} + \begin{beamerboxesrounded}[shadow=true]{Program:} + \begin{tiny} + \begin{verbatim} +[...] +pid = fork(); +switch (pid) { +case -1: + /* error handling */ +case 0: + /* child processing */ + execve(argv[0], &argv[0], envp); + break; +default: + /* parent processing */ + [...] + pid = wait(&status); +} +[...] + \end{verbatim} + \end{tiny} + \end{beamerboxesrounded} + \end{column} + \begin{column}{0.45\textwidth} + \begin{beamerboxesrounded}[shadow=true]{Arguments:} + \begin{tiny} + \begin{verbatim} +char *argv[] = { + "/bin/myappl", + "--config", + "/etc/myconfig", + NULL, +}; + \end{verbatim} + \end{tiny} + \end{beamerboxesrounded} + \begin{beamerboxesrounded}[shadow=true]{Environment:} + \begin{tiny} + \begin{verbatim} +char *envp[] = { + "HOME=/myhome", + "PATH=/bin:/usr/bin", + "TZ=UTC0", + NULL, +}; + \end{verbatim} + \end{tiny} + \end{beamerboxesrounded} + \end{column} +\end{columns} +\end{frame} |