The system must control applets' accesses to sensitive system resources, such as the file system, the processor, the network, and internal state variables. But the term "the file system" is very broad, and useful applets usually need some persistent storage. Suggest controls that could be placed on access to the file system. Your answer has to be more specific than "allow all reads" or "disallow
all writes." Your answer should essentially differentiate between what is "security critical" and not or "harmful" and not.
What will be an ideal response?
On
the
order
of
a
host-?based
intrusion
detection
system,
consider
what
privileges
the
applet
requires:
to
which
resources
it
should
legitimately
have
access.
Consider
files
to
which
no
or
few
applets
should
have
access,
such
as
the
password
file,
configuration
files,
and
other
security-?critical
databases.
Consider
giving
an
applet
full
access
to
a
fenced-?off
storage
space,
but
denying
the
applet
direct
access
to
other
files:
to
what
resources
does
the
applet
need
access
to
be
useful?
Be
sure
to
distinguish
between
"need"
and
"want":
sometimes
recoding
the
applet
can
allow
it
to
be
access
fewer
resources
without
limiting
its
effectiveness.
You might also like to view...
Answer the following statements true (T) or false (F)
1. You may not have overloaded friend operators in a class template 2. If your program defines a class template, then the compiler will generate a class for each different data type for which it is instantiated. 3. Classes can be defined as templates. 4. In a template function definition, all parameters must be of the template class (T). 5. If you define a function template, then the compiler will create a separate function definition for every data type that exists.
When the UNIX Processor Manager is deciding which process from the READY queue will be loaded into memory to be run first, it chooses the process ____.
A. with the lowest priority B. which has been waiting longest for an execution slot C. with the least amount of time remaining to execute D. with the longest time spent on the secondary storage