Scribd
Upload
4 views

Lab -Access Control Copyyyyyyy

The document outlines a lab manual for implementing Discretionary Access Control (DAC) in Kali Linux, focusing on managing file and directory permissions. It includes exercises on viewing, modifying permissions, changing ownership, and exploring special permissions like SUID, SGID, and Sticky Bit. The lab aims to equip students with essential skills for securing a Linux system and controlling user access rights.

Uploaded by

munazamalik62
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
4 views

Lab -Access Control Copyyyyyyy

The document outlines a lab manual for implementing Discretionary Access Control (DAC) in Kali Linux, focusing on managing file and directory permissions. It includes exercises on viewing, modifying permissions, changing ownership, and exploring special permissions like SUID, SGID, and Sticky Bit. The lab aims to equip students with essential skills for securing a Linux system and controlling user access rights.

Uploaded by

munazamalik62
Copyright
© © All Rights Reserved
Available Formats
Download as DOCX, PDF, TXT or read online on Scribd
You are on page 1/ 11

Department of Computing and Emerging Technologies

Date: 24-03-25

Registration No: COSC2311211-24


Name: Munaza Shehzadi
Class: BSCS
Section: Morning
Semester: 4th
Session: 2023-2027
Course Code: IS(Lab)-COSC-2207
Course Name: Information Security
Teacher Name: Mr. Zia Ur Rehman
Discretionary Access Control (DAC)
in Kali Linux
Description:

Student’s Signature: munaza

Total Marks: Obtained Marks:


Lab Manual Solution: Discretionary Access
Control (DAC) in Kali Linux
Lab Title: Implementing Discretionary Access Control
(DAC) in Kali Linux Objective:
• Understand the concept of Discretionary Access Control (DAC).
• Learn how to manage file and directory permissions in Kali Linux.
• Practice assigning and modifying access rights using chmod, chown, and chgrp commands.
• Explore special permission bits: SUID, SGID, and Sticky Bit.

Prerequisites:
• Basic knowledge of Linux command-line interface.
• Kali Linux installed (physical or virtual environment).
• A user account with administrative privileges.

Lab Exercises:
Exercise 1: Understanding File and Directory Permissions
Step 1: Viewing File Permissions

1. Open the terminal in Kali Linux.


2. Check the permissions of a file using: ls -l /etc/passwd o

Output Example:

-rw-r--r-- 1 root root 2345 Mar 18 10:00 /etc/passwd o

Breakdown:

 -rw-r--r--: File permissions. ▪ 1: Number of links.


 root root: Owner and group.
 2345: File size in bytes.
 Mar 18 10:00: Last modified date.

 /etc/passwd: File name.


Step 2: Understanding Permission Structure

File permissions are divided into three sets:


1. Owner (User): First set (rw- in
example)
2. Group: Second set (r-- in
example)
3. Others: Third set (r-- in
example)

Each set contains:

r: Read permission

w: Write permission

x: Execute permission
Exercise 2: Modifying File and Directory Permissions Using chmod

Step 1: Changing File Permissions

1. Create a test file:


touch myfile.txt

2. Assign read (r), write (w), and execute (x) permissions to the

owner: chmod u+rwx myfile.txt

3. Remove write permission for the group: chmod g-w

myfile.txt

4. Check the updated permissions: ls -l myfile.txt

Step 2: Using Numeric Permissions

• Permissions can be represented numerically:


o Read (r) = 4
o Write (w) = 2
o Execute (x) = 1
• Example: chmod 750 myfile.txt

 7(Owner) = Read + Write + Execute (4+2+1)

 5 (Group) = Read + Execute (4+1)

 (Others) = No permission
Exercise 3: Changing File Ownership and Group Ownership
Step 1: Changing File Owner

1. Create a new user for testing:

sudo useradd testuser

2. Change the owner of myfile.txt:

sudo chown testuser


myfile.txt
3. Verify the ownership change:

ls -l myfile.txt
4. Step 2: Changing Group

Ownership

1. Create a new group: sudo

groupadd testgroup

2. Assign the file to the new

group: sudo chgrp

testgroup myfile.txt

3. Verify the change:

ls -l myfile.txt
Exercise 4: Exploring Special Permissions (SUID, SGID, Sticky Bit)

Step 1: Set User ID (SUID)

• When applied, an executable runs with the file owner's privileges.

1. Assign SUID to a binary: sudo chmod u+s

/usr/bin/passwd

2. Check if SUID is set:


ls -l /usr/bin/passwd o

Output Example:

-rwsr-xr-x 1 root root 54321 Mar 18 10:00 /usr/bin/passwd o s


indicates SUID is set.
Step 2: Set Group ID (SGID)

• When applied to directories, new files inherit the group ownership of the
directory.

1. Assign SGID to a

directory: mkdir

shared_dir chmod g+s

shared_dir

2. Verify: ls -ld

shared_dir Step 3:

Sticky Bit

• Prevents users from deleting files they don’t own in a shared directory.

1. Set the sticky bit on a directory:

chmod +t /tmp

2. Verify: ls -ld /tmp o t at the end (drwxrwxrwt) confirms the sticky bit

is set.
Conclusion:
In this lab, we explored Discretionary Access Control (DAC) in Kali
Linux, including managing file and directory permissions, changing
ownership, and implementing special permissions. These skills are
crucial for securing a Linux system and controlling access based on user
privileges.

Additional Tasks:
• Create multiple users and test access restrictions.
• Try modifying files as different users.
• Explore Access Control Lists (ACLs) for more granular control.

Explanation of Below Pic: The file likely exists but is not accessible to user2 due
to:

Permissions: The file has 600 permissions, meaning only user1 can read or
write it.

Location: If the file is in user1's home directory, user2 may not have
permission to access that directory.
References:

• Linux man pages: man chmod, man chown, man ls


• Kali Linux Documentation: https://www.kali.org/docs/

You might also like