Security for a computer network refers to preventing network users, and particularly undesirable users hereinafter referred to as hackers, from engaging in unwanted activities with respect to computers or peripheral devices on the network. However, public networks are in place to provide various services for users who may need such services. Thus, network security involves an often complicated structure and/or technique for allowing certain users to use certain services while denying services to hackers.
The Internet is a well-known example of a public network providing services for users. Users may be linked to the Internet through a protocol commonly referred to as the World Wide Web (WWW). With the World Wide Web, an entity having a domain name may create a “web page” or “page” that can provide information and, to a limited degree, some interactivity.
A computer user may “browse”, i.e., navigate around, the WWW by utilizing a suitable web browser, e.g., Netscape™, Internet Explorer™, and a network gateway, e.g., an Internet Service Provider (ISP). A web browser allows the user to specify or search for a web page on the WWW and subsequently retrieve and display web pages on the user's computer screen. Such web browsers are typically installed on personal computers or workstations to provide web client services, but increasingly may be found on wireless devices such as cell phones.
The Internet is based upon a suite of communication protocols known as Transmission Control Protocol/Internet Protocol (TCP/IP), which sends packets of data between a host machine, e.g., a server computer on the Internet commonly referred to as a web server, and a client machine, e.g., a user's computer connected to the Internet. The WWW is an Internet interface protocol which is supported by the same TCP/IP transmission protocol for the communication of document files typically formatted in a markup language, such as the Hypertext Markup Language (HTML).
Typically, servers, e.g., web servers, comprise a file system. A file system may refer to a collection of management structures which impose a logical structure upon a storage device, typically a disk storage device, in order to construct and store files of data. For example, these files may store data used to construct web pages.
A hacker may access these files on the server and hence perform unwanted activities, e.g., deface web pages, despite various security systems. A hacker may somehow subvert security systems on the server and obtain system administrator status. Upon obtaining system administrator status, the hacker may instantiate a command shell, i.e., a command line interface, by establishing a network connection with the server. The command shell may be an application in user space. Memory space in a server may be logically divided into user space and kernel space. User space may refer to that portion of memory space accessible by users. For example, user space may include user applications, e.g., command shells, word processing, spreadsheets. Kernel space may refer to that logical portion of the memory space including the operating system. That is, the kernel space may typically include the core portions of the software that perform the most essential operating system tasks, e.g., handling disk input and output operations, managing internal memory, etc.
Upon instantiating a command shell, the hacker with system administrator status may then issue a request to the kernel space to perform unwanted activities, e.g., erasing files or reading files containing credit card numbers, in the file system maintained in the kernel space. For example, the hacker may issue a request to download particular software, e.g., a Trojan program, on the server's machine, to perform any conceivable type of destruction. The term Trojan program may be used to describe software that masquerades as a useful or interesting application, but that will, if loaded onto the server, perform some type of destructive or unwanted function. For example, a Trojan program may be designed to erase files, to write over existing files with information supplied by the Trojan program, to locate particular files and forward them out into the Internet, and so forth.
One implementation for preventing a hacker from performing unwanted activities by accessing the user space in a computer uses an interface to the kernel space, called capabilities, that allows certain capabilities of the operating system to be deactivated. A capability that is deactivated may not be reactivated except by rebooting the system. For example, the capability interface may render the file system containing web pages read-only, thereby preventing the hacker from performing unwanted activities on the file system. However, even authorized system administrators will not be able to implement ordinary, routine changes unless the system is rebooted, thereby causing unacceptable system downtime.
It would therefore be desirable to prevent, at least in part, a hacker from performing unwanted activities, such as in a computer's file system, even if the hacker procures system administrator status, without preventing authorized system administrators from performing authorized activities.
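The one-way deactivation described above can be observed on Linux through the capability bounding set; the following is an added example, not part of the original text. It assumes Linux (the text names no operating system), uses the per-thread bounding set of current kernels rather than a system-wide switch, and picks CAP_LINUX_IMMUTABLE as an illustrative capability; the function names are hypothetical.

```c
/* Added example, assumes Linux. Build: cc -o capdrop capdrop.c */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <linux/capability.h>

/* Returns 1 if `cap` is still in the calling thread's bounding set,
 * 0 if it has been removed, -1 (errno = EINVAL) for an unknown capability. */
int cap_in_bounding_set(int cap)
{
    return prctl(PR_CAPBSET_READ, (unsigned long)cap, 0UL, 0UL, 0UL);
}

/* Removes `cap` from the bounding set of this thread; children created
 * afterwards inherit the reduced set. Returns 0 on success, -1 with errno
 * set (EPERM when the caller lacks CAP_SETPCAP). prctl() offers no
 * operation that adds a capability back, which is the "cannot be
 * reactivated" property the text describes. */
int drop_from_bounding_set(int cap)
{
    return prctl(PR_CAPBSET_DROP, (unsigned long)cap, 0UL, 0UL, 0UL);
}

int main(void)
{
    /* Illustrative choice: without CAP_LINUX_IMMUTABLE even root cannot
     * clear the immutable flag on files, so flagged web content stays
     * unmodifiable for every process started from here on. */
    int cap = CAP_LINUX_IMMUTABLE;

    printf("before drop: in bounding set = %d\n", cap_in_bounding_set(cap));

    if (drop_from_bounding_set(cap) != 0) {
        /* An unprivileged caller cannot change the set at all. */
        printf("drop refused: %s\n", strerror(errno));
        return 0;
    }

    printf("after drop:  in bounding set = %d\n", cap_in_bounding_set(cap));
    /* From this point the restriction binds an intruder's shell and an
     * authorized administrator's shell alike, if both descend from this
     * process: the trade-off the text points out. */
    return 0;
}
```

Run as root, the second line reports 0 and nothing started from that process can regain the capability; run unprivileged, the drop is refused and the set is unchanged.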