Privilege (computer science): Difference between revisions

From HORSE - Holistic Operational Readiness Security Evaluation.
Jump to navigation Jump to search
(New page: ==Privilege== A '''privilege''' in a computer system is a permission to perform an action. Examples of various privileges include the ability to create a file in a directory, or to read or...)
 
 
Line 2: Line 2:
A '''privilege''' in a computer system is a permission to perform an action. Examples of various privileges include the ability to create a file in a directory, or to read or delete a file, access a device, or have read or write permission to a socket for communicating over the Internet.<br>
A '''privilege''' in a computer system is a permission to perform an action. Examples of various privileges include the ability to create a file in a directory, or to read or delete a file, access a device, or have read or write permission to a socket for communicating over the Internet.<br>
<br>
<br>
Privileges can either be automatic, granted, or applied for.<br>
'''Privileges can either be automatic, granted, or applied for.'''<br>
<br>
<br>
An automatic privilege exists when there is no requirement to have permission to perform an action. For example, on systems where people are required to log into a system to use it, logging out will not require a privilege.  Systems that do not implement file protection - such as MSDOS - essentially give unlimited privilege to perform any action on a file.<br>
:* An automatic privilege exists when there is no requirement to have permission to perform an action. For example, on systems where people are required to log into a system to use it, logging out will not require a privilege.  Systems that do not implement file protection - such as MSDOS - essentially give unlimited privilege to perform any action on a file.<br>
<br>
<br>
A granted privilege exists as a result of presenting some credential to the privilege granting authority. This is usually accomplished by logging on to a system with a username and password, and if the username and password supplied are correct, the user is granted additional privileges.<br>
:* A granted privilege exists as a result of presenting some credential to the privilege granting authority. This is usually accomplished by logging on to a system with a username and password, and if the username and password supplied are correct, the user is granted additional privileges.<br>
<br>
<br>
A privilege is applied for by either an executed program issuing a request for advanced privileges, or by running some program to apply for the additional privileges. An example of a user applying for additional privileges is provided by the sudo command to run a command as the root user, or by the Kerberos authentication system.<br>
:* A privilege is applied for by either an executed program issuing a request for advanced privileges, or by running some program to apply for the additional privileges. An example of a user applying for additional privileges is provided by the sudo command to run a command as the root user, or by the Kerberos authentication system.<br>
<br>
<br>
Modern processor architectures have CPU modes that allows the OS to run at different privilege levels. Some processors have two levels (such as ''user'' and ''supervisor''); i386+ processors have four levels (#0 with the most, #3 with the least privileges). Tasks are tagged with a privilege level. Resources (segments, pages, ports, etc.) and the privileged instructions are tagged with a demanded privilege level. When a task tries to use a resource, or execute a privileged instruction, the processor determines whether it has the permission (if not, a "protection fault" interrupt is generated). This prevents user tasks from damaging the OS or each other.  
Modern processor architectures have CPU modes that allows the OS to run at different privilege levels. Some processors have two levels (such as ''user'' and ''supervisor''); i386+ processors have four levels (#0 with the most, #3 with the least privileges). Tasks are tagged with a privilege level. Resources (segments, pages, ports, etc.) and the privileged instructions are tagged with a demanded privilege level. When a task tries to use a resource, or execute a privileged instruction, the processor determines whether it has the permission (if not, a "protection fault" interrupt is generated). This prevents user tasks from damaging the OS or each other.  


[[Category:Operating system security]]
[[Category:Operating system security]]

Latest revision as of 18:37, 14 June 2007

Privilege

A privilege in a computer system is a permission to perform an action. Examples of various privileges include the ability to create a file in a directory, or to read or delete a file, access a device, or have read or write permission to a socket for communicating over the Internet.

Privileges can either be automatic, granted, or applied for.

  • An automatic privilege exists when there is no requirement to have permission to perform an action. For example, on systems where people are required to log into a system to use it, logging out will not require a privilege. Systems that do not implement file protection - such as MSDOS - essentially give unlimited privilege to perform any action on a file.


  • A granted privilege exists as a result of presenting some credential to the privilege granting authority. This is usually accomplished by logging on to a system with a username and password, and if the username and password supplied are correct, the user is granted additional privileges.


  • A privilege is applied for by either an executed program issuing a request for advanced privileges, or by running some program to apply for the additional privileges. An example of a user applying for additional privileges is provided by the sudo command to run a command as the root user, or by the Kerberos authentication system.


Modern processor architectures have CPU modes that allows the OS to run at different privilege levels. Some processors have two levels (such as user and supervisor); i386+ processors have four levels (#0 with the most, #3 with the least privileges). Tasks are tagged with a privilege level. Resources (segments, pages, ports, etc.) and the privileged instructions are tagged with a demanded privilege level. When a task tries to use a resource, or execute a privileged instruction, the processor determines whether it has the permission (if not, a "protection fault" interrupt is generated). This prevents user tasks from damaging the OS or each other.