Question

Unix has experimented with several security programs. a user can attach a watchdog program to a file that grants or denies access whenever a program requests access to that file. the cops program scans a given system for possible security holes and alerts the user to possible problems. discuss the pros and cons of each program.

Answer 1

Watchdog Program

This program becomes the number one security mechanism for file access.

Pros:

1. A benefit of using watchdog program is that you have a centralized mechanism for controlling access to a file
2. You are assured of having secure access to your file

Cons:

1. It becomes a bottleneck.
2. If this program has a security hole, there are no other guaranteed backup mechanisms for file protection.

COPS

COPS is a collection of a dozen programs that attempt to tackle problems in UNIX security. It checks for a number things like poor passwords, device permissions, files run in /etc/rc*, existence of root SUID, and many other things.

Pros:

1. This program provides methods of checking for common procedural errors.
2. COPS collect outputs and either mails the information to the admin or logs it in.

Cons:

1. It could be modified by an intruder or even take advantage of its features.
2. It is meant to tighten the security, not a tool to be used to find security flaws. It does not directly correct errors found.