Unix has experimented with several security programs. a user can attach a watchdog program to a file that grants or denies acces
s whenever a program requests access to that file. the cops program scans a given system for possible security holes and alerts the user to possible problems. discuss the pros and cons of each program.
This program becomes the number one security mechanism for file access.
Pros:
A benefit of using watchdog program is that you have a centralized mechanism for controlling access to a file
You are assured of having secure access to your file
Cons:
It becomes a bottleneck.
If this program has a security hole, there are no other guaranteed backup mechanisms for file protection.
COPS
COPS is a collection of a dozen programs that attempt to tackle problems in UNIX security. It checks for a number things like poor passwords, device permissions, files run in /etc/rc*, existence of root SUID, and many other things.
Pros:
This program provides methods of checking for common procedural errors.
COPS collect outputs and either mails the information to the admin or logs it in.
Cons:
It could be modified by an intruder or even take advantage of its features.
It is meant to tighten the security, not a tool to be used to find security flaws. It does not directly correct errors found.
