diff options
Diffstat (limited to 'security')
| -rw-r--r-- | security/advanced/Makefile | 1 | ||||
| -rw-r--r-- | security/advanced/frm_process_thread.tex | 113 | ||||
| -rw-r--r-- | security/advanced/pres_process_thread.tex | 20 |
3 files changed, 134 insertions, 0 deletions
diff --git a/security/advanced/Makefile b/security/advanced/Makefile index 9c1bb83..cae6550 100644 --- a/security/advanced/Makefile +++ b/security/advanced/Makefile @@ -1,3 +1,4 @@ obj-$(CONFIG_SECURITY_ADV) += pres_advanced_sec.pdf obj-$(CONFIG_SECURITY_ADV) += pres_capability.pdf obj-$(CONFIG_SECURITY_ADV) += pres_exploit.pdf +obj-$(CONFIG_SECURITY_ADV) += pres_process_thread.pdf diff --git a/security/advanced/frm_process_thread.tex b/security/advanced/frm_process_thread.tex new file mode 100644 index 0000000..b58a452 --- /dev/null +++ b/security/advanced/frm_process_thread.tex @@ -0,0 +1,113 @@ +% ---------------------------- +\subsubsection{Process Isolation} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Why isolating tasks?} +\begin{figure}[h] +\centering +\includegraphics[width=5cm]{images/multithread_norm.png} +\end{figure} +\end{frame} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multithreaded Application under attack} +\begin{figure}[h] +\centering +\includegraphics[width=5cm]{images/multithread_attack.png} +\end{figure} +\end{frame} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multi-process vs. Multi-thread} +\begin{figure}[h] +\centering +\includegraphics[width=8cm]{images/multiproc_norm.png} +\end{figure} +\end{frame} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multi-process under attack} +\begin{figure}[h] +\centering +\includegraphics[width=8cm]{images/multiproc_attack.png} +\end{figure} +\end{frame} + +% ---------------------------- +\subsubsection{Memory Management} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Memory Manangement} +\begin{itemize} +\item create process context +\item overload VMA +\end{itemize} +\begin{figure}[h] +\centering +\includegraphics[width=8cm]{images/proc_isol.png} +\end{figure} +\end{frame} + +% ---------------------------- +\subsubsection{Multiprocess Programming} + +% ---------------------------- +\begin{frame}[fragile] +\frametitle{Multiprocess Programming} +\begin{columns}[onlytextwidth] + \begin{column}{0.45\textwidth} + \begin{beamerboxesrounded}[shadow=true]{Program:} + \begin{tiny} + \begin{verbatim} +[...] +pid = fork(); +switch (pid) { +case -1: + /* error handling */ +case 0: + /* child processing */ + execve(argv[0], &argv[0], envp); + break; +default: + /* parent processing */ + [...] + pid = wait(&status); +} +[...] + \end{verbatim} + \end{tiny} + \end{beamerboxesrounded} + \end{column} + \begin{column}{0.45\textwidth} + \begin{beamerboxesrounded}[shadow=true]{Arguments:} + \begin{tiny} + \begin{verbatim} +char *argv[] = { + "/bin/myappl", + "--config", + "/etc/myconfig", + NULL, +}; + \end{verbatim} + \end{tiny} + \end{beamerboxesrounded} + \begin{beamerboxesrounded}[shadow=true]{Environment:} + \begin{tiny} + \begin{verbatim} +char *envp[] = { + "HOME=/myhome", + "PATH=/bin:/usr/bin", + "TZ=UTC0", + NULL, +}; + \end{verbatim} + \end{tiny} + \end{beamerboxesrounded} + \end{column} +\end{columns} +\end{frame} diff --git a/security/advanced/pres_process_thread.tex b/security/advanced/pres_process_thread.tex new file mode 100644 index 0000000..a58f449 --- /dev/null +++ b/security/advanced/pres_process_thread.tex @@ -0,0 +1,20 @@ +\input{configpres} + +% ---------------------------- +\subsection{Linux Process Isolation} + +\title{Linux Process Isolation} +\maketitle + +% ---------------------------- +\begin{frame} +\frametitle{Overview} +\tableofcontents +\end{frame} + +% ---------------------------- +\input{security/advanced/frm_process_thread.tex} + +% ---------------------------- +\subsection*{} +\input{tailpres} |