Assignment 2 Access Control CMPSC443 Introduction to Computer and Network Security Spring 2009 Prof McDaniel Due date February 17 2009 In this assignment you will create a tool that identifies and repairs permissions in a UNIX filesystem The following details the purpose and use of this program Follow these instructions very carefully as failure to do so will significantly reduce your final grade 1 You are to create the permis program a complex UNIX administration utility The program will recursively search the UNIX filesystem for files whose access policy match a search criteria specified on the command line At each run the program will determine the query parameters for a a target directory b a target entity and c query permissions as follows 2 The target directory is specified by the command line argument1 d directory where directory is some absolute or relative path in the UNIX filesystem The program should abort the query and notify the user if the directory does not exist If this parameter is not specified the local directory should be used 3 The target entity is specified by one of the following the command line arguments u user or g group or o where user is a user and group is a group The o refers the the world of UNIX filesystem semantics If this parameter is not specified the user running the program should be used Extra credit The program should abort the query and notify the user if the target entity does not exist by checking the etc passwd or etc groups files through the UNIX functions getgrnam and getpwnam 4 The query permissions are determined through the specification of one or more of the following r or w or x whose semantics are not surprisingly read write and execute The program should abort the query and notify the user if no permissions are specified 5 The program works as follows The program checks every file in the target directory and all of its subdirectories This check determines if the target entity has all of the permissions and prints out the filename with full path to standard output Note that you should expend some effort making the output look nice e g by providing as much information about the file as possible e g the output of the ls lt command 6 Extra credit The program should modify the permissions of the each of the files that match the permission query The command is specified as chmod mode where mode is one of the permission forms accepted UNIX chmod program e g a x Note You can do a lot of damage to your system with this tool you can brick your OS if you are not careful Test it out very very carefully 7 Programming Notes You are to create the program using C compiler and Makefile as in the first assignment You will be graded on both correctness and code clarity Therefore comment the code thoroughly and format it carefully Use the getopt function to process the arguments Note that the command line parameters can appear in any order Any argument received on the command line that does not adhere to the specifications above should cause the program to abort and warn the user note the specific argument that is causing the problem should be included in the error message Use the stat function to check the permissions of a file type man 2 stat at the UNIX prompt for details 1 The angle brackets are used to identify non literal inputs on the command line e g user names 1 8 Consider the following examples permis u mcdaniel d usr share r would find all files that the user mcdaniel has read access in the usr share directory tree permis o d etc x would find all world writable files in the etc directories permis r g students x w this would find all files in the local directory tree that members of the student group can read write and execute permis w d home mcdaniel o chmod o w would remove all the world write permissions in the home directory of user mcdaniel 9 Create a gzipped tar file containing the commented code and Makefile The tar file psu id assign2 tgz should contain a single directory lastname assign2 with all the submission files 10 Attach the gziped tar file to an email with the subject CMPSC 443 Assignment 2 and addressed to mcdaniel cse psu edu and buz107 psu edu by 5 00PM on the due date Any projects will be subject to the late penalties outlined in the course syllabus Note Like all assignments in this class you are prohibited from copying any content from the Internet or sharing ideas code configuration text or anything else or getting help from anyone in or outside of the class Consulting online sources is acceptable but under no circumstances should anything be copied Failure to abide by this requirement will result dismissal from the class 2