Confinement Principle

Uploaded by

Anjali Maurya
Confinement Principle

The confinement principle states that untrusted code must be confined, and that if it misbehaves we "KILL IT".
We often need to run buggy or untrusted code:

- Programs from untrusted internet sites, e.g. apps, extensions, plugins and codecs for the media player.
- Exposed applications: PDF viewers, Outlook
- Legacy daemons: Sendmail, BIND
- Honeypots

Confinement: ensure that a misbehaving application cannot harm the rest of the
system. If an application shows malicious activity, kill it so that it cannot
harm the rest of the system.

Detour: UNIX user IDs and process IDs

1. Detour: a few words about Unix user IDs and the IDs associated with
Unix processes.
2. Every user in a Unix-like operating system is identified by a distinct integer;
this unique number is called the user ID (UID).
3. Three kinds of UID are defined for a process, and they can be
changed dynamically according to the privilege the task needs.
4. The three kinds of UID are:
A) Real UID: the account of the owner of this process. It defines which files
this process has access to.
B) Effective UID: normally the same as the real UID, but sometimes it is
changed to enable a non-privileged user to access files that can only be
accessed by root.
C) Saved UID: used when a process running with elevated privileges
(generally root) needs to do some under-privileged work; this is achieved
by temporarily switching to a non-privileged account.
5. A subject is a program (application) executing on behalf of some
principal(s).
6. A principal may at any time be idle, or have one or more subjects executing
on its behalf. An object is anything on which a subject can perform operations
(mediated by rights). Objects are usually passive, for example:
a. File
b. Directory (or folder)
c. Memory segment
7. Each user account has a unique UID. UID 0 means the superuser
(system administrator). A user account may belong to multiple groups. Subjects are
processes, associated with uid/gid pairs.

The following are the various confinement techniques:

1. Chroot (change root):
a. A chroot on Unix operating systems is an operation that changes the
apparent root directory for the currently running process and its children.
b. Programs that run in this modified environment cannot access files
outside the designated directory tree. This essentially limits their
access to a directory tree, and thus the name chroot jail.
c. The idea is that we create a directory tree into which we copy or link all
the system files needed for a process to run.
d. We then use the chroot system call to change the root directory to the
base of this new tree and start the process running in that chrooted
environment.
e. Since the process cannot reference paths outside the modified root, it
cannot maliciously read or write those locations.
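As an added illustration of the UID detour and the chroot jail above (example code written for these notes, not from the original or from any named project), the following C shows how a privileged process uses the real, effective and saved UIDs: lower the effective UID for under-privileged work, regain it from the saved UID, or give all three up for good, and how chroot() is combined with chdir and a permanent drop so the jail cannot be left. The function names (temporarily_drop, regain_privs, drop_privs_forever, enter_jail) are this example's own, and it assumes Linux with glibc or musl for getresuid/setresuid.

```c
/* Added example, not from the original notes. Assumes Linux (getresuid/setresuid). */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <errno.h>
#include <grp.h>
#include <sys/types.h>
#include <unistd.h>

/* Switch only the effective UID to `uid`. Real and saved UID are untouched,
   so the privilege can be regained later. Returns 0 on success, -1 on error. */
int temporarily_drop(uid_t uid) {
    return seteuid(uid);
}

/* Restore the effective UID from the saved UID. */
int regain_privs(void) {
    uid_t real, eff, saved;
    if (getresuid(&real, &eff, &saved) == -1) return -1;
    return seteuid(saved);
}

/* Give up privilege permanently: set real, effective AND saved IDs to the
   unprivileged account, then prove that root cannot be regained. */
int drop_privs_forever(uid_t uid, gid_t gid) {
    if (uid == 0) return -1;                      /* "dropping" to root is not a drop */
    /* Order matters: groups and gid first, while still privileged. */
    if (geteuid() == 0 && setgroups(0, NULL) == -1) return -1;
    if (setresgid(gid, gid, gid) == -1) return -1;
    if (setresuid(uid, uid, uid) == -1) return -1;
    /* Verify all three UIDs changed and that setuid(0) is now refused. */
    uid_t r, e, s;
    if (getresuid(&r, &e, &s) == -1 || r != uid || e != uid || s != uid) return -1;
    if (setuid(0) != -1 || errno != EPERM) return -1;
    return 0;
}

/* Enter a chroot jail rooted at `dir`. chroot(2) alone is not confinement: the
   process must chdir into the new root (the old cwd is otherwise still reachable)
   and must stop being root, since root can leave a chroot. Needs CAP_SYS_CHROOT. */
int enter_jail(const char *dir, uid_t uid, gid_t gid) {
    if (chroot(dir) == -1) return -1;
    if (chdir("/") == -1) return -1;
    return drop_privs_forever(uid, gid);
}

int main(void) {
    /* Stand-alone run: for an unprivileged user this is a no-op drop to itself. */
    return drop_privs_forever(getuid(), getgid()) == 0 ? 0 : 1;
}
```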

2. Jailkit:
a. Jailkit is a set of utilities to limit user accounts to specific files, using
chroot(), or to specific commands.
b. Setting up a chroot shell, i.e. a shell limited to some specific commands,
can be automated using these utilities.
c. Jailkit is a specialized tool that is developed with a focus on security.
d. It will abort in a secure way if the configuration is not secure, and it will
send useful log messages explaining what is wrong to the system log.
e. Jailkit is known to be used in network security appliances.

3. FreeBSD jail:
a. FreeBSD is a popular free and open-source operating system that is
based on the Berkeley Software Distribution (BSD) version of the Unix
operating system.
b. It runs on processors such as the Pentium that are compatible with
Intel's x86.
c. FreeBSD is an alternative to Linux that will run Linux applications.
d. The jail mechanism is an implementation of FreeBSD's OS-level
virtualization that allows system administrators to partition a FreeBSD-
derived computer system into several independent mini-systems called
jails, all sharing the same kernel, with very little overhead.
e. The need for FreeBSD jails came from a small shared-environment
hosting provider's desire to establish a clean, clear-cut separation
between their own services and those of their customers, mainly for
security and ease of administration.

4. System call interposition:
a. System call interposition is a powerful technique for regulating and
monitoring program behaviour.
b. It gives security systems the ability to monitor all of the application's
interaction with the network, the file system and other sensitive system
resources.

System call interposition

It is a key component in implementing confinement. The reference monitor that performs it has these properties:

- It mediates requests from the application.
- It implements the protection policy.
- It enforces isolation and confinement.
- It must always be invoked.
- It should be tamperproof, i.e. the reference monitor must not be tampered
with or killed.
- It should be small enough, i.e. the reference monitor should be small so that
we can validate or check it easily.

Error 404: Hacking Digital India Part 2 Chase

Some attacks discussed in Error 404: Hacking Digital India Part 2 Chase are:

- The Israel power grid was hit by a big hack attack that is being called one of the
worst cyberattacks ever.
- In 2014 a hydropower plant in upstate New York got hacked.
- France's infrastructure, including its main nuclear power plant, is being
targeted by a new, dangerous and powerful cyber worm.
- Bangladesh's best group hacked into nearly 20,000 Indian websites,
including that of the Indian Border Security Force.
- The first virus that could crash a power grid or destroy a pipeline is
available online for anyone to download and tinker with.
- India's biggest data breach, the SBI debit card breach: when this
happened the bank was initially in a state of denial, but subsequently it
had to own up to the biggest cyber security breach that had taken place in Indian
history.
