1: Docker Engine and Docker Basics
Q1(A): What is the Docker Engine that you downloaded and what does it do?
Docker Engine is a containerization technology that allows you to build and run applications
in isolated environments called containers. These containers are lightweight, portable, and
include everything needed to run the application, including the code, runtime, libraries, and
system tools.
Q1(B): What is the difference between Docker Container and Virtual Machine?
Docker Container: Shares the host OS kernel, is lightweight, starts quickly, and has lower
overhead.
Virtual Machine: Runs a full OS including its own kernel, is heavier, is slower to start, and has
higher overhead.
Q1(C): What is meant by 'build' the docker image? What do you achieve after this
step?
Building a Docker image involves creating an executable package that includes the
application code, runtime, libraries, and environment variables. After building an image, you
have a portable and reproducible environment that can run your application consistently
across different systems.
Q1(D): Include a FULL screenshot of your system showing that the image is
successfully built.
scrnt
2: Kernel and Malware
Q2(A): What is a Kernel in an Operating System? Can a malware be loaded into a
machine before the Kernel is loaded?
The kernel is the core part of an operating system, managing system resources and facilitating
communication between hardware and software. Malware can be loaded before the kernel
through boot sector viruses or other pre-boot techniques.
Q2(B): Include a screenshot of the file that is accessible by alice on your machine.
scrnt
Q2(C): Include the password you found.
scrnr
3: Unix/Linux Access Control with chmod
Q3(A): What does the Chmod command do in Unix?
The chmod command is used to change the file mode (permissions) of a file or directory.
Q3(B): What are the classes of users, operator, and mode supported by Chmod
command? List them with a very brief description (1-2 lines maximum).
- Classes: user (u), group (g), others (o), all (a).
- Operators: add (+), remove (-), assign (=).
- Modes: read (r), write (w), execute (x).
Q3(C): Include the command used to set the requested permission with a very brief
description showing your understanding.
chmod 755 group: sets read, write, and execute permissions for the owner, and read and execute
permissions for group and others.
4: Access Control and Permissions
Q4(A): What is the file that is accessible to carol? Why?
fid
Q4(B): Include a screenshot of this file on your system.
scrnt
5: SUID Permission and Capabilities
Q5(A): Include a screenshot of running the commands used in Task 4 on your own
machine.
scrnt
Q5(B): In a paragraph summarise what you understood about SUID permission and
capabilities working through Task 4 in your own words.
SUID (Set User ID) permission is a special type of file permission in Unix/Linux systems
that allows users to execute a file with the file owner's privileges rather than their own. When
the SUID bit is set on an executable file, any user who runs this file temporarily gains the
permissions of the file's owner during the execution. This means that the user can perform
actions within the program that would typically require the owner's permissions.
Implications:
● Elevated Privileges:
SUID can grant users access to resources and actions that they normally wouldn't have
permission to use, such as modifying system files or accessing restricted directories.
● Security Risks:
If misconfigured or used carelessly, SUID can become a security vulnerability. Malicious
users might exploit SUID-enabled executables to gain unauthorized access to sensitive data
or execute harmful commands.
● Controlled Access:
When used correctly, SUID is a powerful tool for allowing specific elevated tasks without
granting broader administrative access. It provides a controlled way for users to perform
necessary functions while maintaining overall system security.
● Visibility and Management:
System administrators must regularly check for and manage files with the SUID bit set.
Using commands like find / -perm /4000 helps identify such files to ensure they are necessary
and secure.
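One way to run the SUID review described above, as an added example rather than part of the lab tasks: the script lists SUID files under a directory that are missing from an approved list. The function names, sandbox files and allowlist format (one absolute path per line) are assumptions made for illustration.

```shell
#!/bin/sh
# Added example; the sandbox files and allowlist are constructed.
# suid_audit ROOT ALLOWLIST_FILE
# Prints every regular file under ROOT that has the SUID bit set and whose
# path does not appear (as an exact line) in ALLOWLIST_FILE.
suid_audit() {
    root=$1; allow=$2
    # -perm -4000 matches the same files as the page's -perm /4000 for a
    # single bit and is portable; -xdev keeps the scan on one filesystem.
    find "$root" -xdev -type f -perm -4000 2>/dev/null | sort |
    while IFS= read -r path; do
        if ! grep -Fxq -- "$path" "$allow"; then
            printf '%s\n' "$path"
        fi
    done
}

# Builds a throwaway directory with two SUID files (one approved, one not)
# and one ordinary file, then reports what the audit flags.
demo_suid_audit() {
    sandbox=$(mktemp -d)
    for f in approved_tool unexpected_tool plain_tool; do
        printf '#!/bin/sh\n' > "$sandbox/$f"
    done
    chmod 4755 "$sandbox/approved_tool" "$sandbox/unexpected_tool"
    chmod 755 "$sandbox/plain_tool"
    printf '%s\n' "$sandbox/approved_tool" > "$sandbox/allowlist.txt"
    # Strip the sandbox prefix so the output is stable between runs.
    suid_audit "$sandbox" "$sandbox/allowlist.txt" | sed "s|^$sandbox/||"
    rm -rf "$sandbox"
}

demo_suid_audit
```

On a real host the same function can be pointed at `/` with an allowlist built from a known-good baseline, so only newly appearing SUID files are reported.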
6: File Permissions
Complete the following sentences:
Q6(A): If you wanted to have a data file that you could read, write, and execute, but don't
want anyone else to see, the permission would be rwx------.
Q6(B): If the file is owned by the user, the OWNER permission determines the access.
Q6(C): If the group of the file is the same as the user's group, the GROUP permission
determines the access.
Q6(D): If the user is not the file owner, and is not in the group, then the OTHER permission
is used.
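The class-selection rule in Q6(B)-(D), as an added example that is not part of the original answers: the shell function below picks exactly one permission triplet (owner, then group, then other) for a given user. The user names, group names and modes are constructed, and the root bypass is not modelled.

```shell
#!/bin/sh
# Added example; user names, group names and modes are constructed.
# perms_for MODE FILE_OWNER FILE_GROUP USER "USER_GROUPS"
# Prints "<class>:<rwx>" for the single permission class that applies to USER.
# Root (uid 0) bypasses these checks and is not modelled here.
perms_for() {
    m=$((0$1)); owner=$2; group=$3; user=$4; user_groups=$5
    if [ "$user" = "$owner" ]; then
        # Owner matches first; group and other bits are never consulted.
        class=owner; bits=$(( (m >> 6) & 7 ))
    else
        case " $user_groups " in
            *" $group "*) class=group; bits=$(( (m >> 3) & 7 )) ;;
            *)            class=other; bits=$(( m & 7 )) ;;
        esac
    fi
    r=-; w=-; x=-
    if [ $((bits & 4)) -ne 0 ]; then r=r; fi
    if [ $((bits & 2)) -ne 0 ]; then w=w; fi
    if [ $((bits & 1)) -ne 0 ]; then x=x; fi
    printf '%s:%s%s%s\n' "$class" "$r" "$w" "$x"
}

# Mode 640: owner rw-, group r--, other ---
perms_for 640 dana staff dana "staff"
perms_for 640 dana staff eli  "staff ops"
perms_for 640 dana staff finn "ops"
# Mode 047: the owner class is empty, and the owner does not fall through
# to the group or other bits even though dana is a member of staff.
perms_for 047 dana staff dana "staff"
perms_for 047 dana staff finn "ops"
```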
7: File Permissions Scenario
Consider the case of a file owned by user Jack in the group GUESTS with permissions
-----xrwx (017 in octal):
Q7(A): “Jack CAN use the file”. True or False? Justify your answer in a sentence or
two.
False. Jack cannot use the file because he does not have any permissions (read, write, or
execute) assigned to him.
Q7(B): “Anyone in the group guests CANNOT execute the program.” True or False?
Justify your answer in a sentence or two.
False. The guests group has execute (x) and write (w) permissions, allowing them to execute
the program.
Q7(C): “Everyone else besides Jack and the members of the guests group can read,
write, and execute the program.” True or False? Justify your answer in a sentence or
two.
False. Others do not have read, write, or execute permissions for the file.
8: Interview Questions
Q8(A): List any 5 interesting interview questions you can find online related to Access
Control and Unix Permissions. Include the link you found the question from.
Question 1: What command is used to change file permissions? (Chmod Command Guide -
Linuxize)
Question 2: How do you set the SUID bit in a file?
(https://www.softwaretestinghelp.com/unix-interview-questions/)
Question 3: What is the difference between hard links and symbolic links?
(https://www.guru99.com/file-permissions.html)
Question 4: How do you find the owner of a file? (http://linuxcommand.org/lc3_lts0090.php)
Question 5: What does the umask command do?
(http://cs.brown.edu/cgc/net.secbook/se01/handouts/Ch03-FilesystemSecurity.pdf)