Worksheet 3

Video Lecture

eLearn link: Process creation: fork+exec

After the lecture, you will have learned the following concepts:

  1. fork + exec + waitpid
  2. Zombie process / Orphan process / Double fork
  3. Background job (&)
  4. Shell built-in commands
  5. $PATH environment variable: the executable location

Readings

  1. The Abstraction: The Process
  2. The Process API
  3. The UNIX Philosophy: Everything is a File

Hands-on Lab

  1. Mini-cloud: explore virtual machine and Docker container
  2. Process creation: explore more about fork() and exec().
  3. Linking (this lab lasts for two weeks, concept check: Sept. 24): explore how an executable is built and distributed through libraries

Learning Goals

Sept. 17 Quiz will check:

  1. I understand how a process is created through fork and exec, and the purpose of waitpid.
  2. I understand the purpose of environment variables.
  3. I understand the purpose of the PATH environment variable.
  4. I understand what a zombie/orphan/daemon process is.
  5. I understand double fork, and the quiz on multiple forks in the video lecture.
  6. I know at least one of the biggest differences between a Docker container and a virtual machine (Mini-cloud).
  7. I understand why Unix adopts the Everything is a File philosophy and the advantage of its approach of handling text streams between processes, compared to using a dedicated API for IPC, like PowerShell. (UNIX Philosophy)

Sept. 24 Quiz will check:

  1. I understand the difference between static and shared libraries, the advantages and disadvantages of each approach, and in which scenarios they are used.

Additional resource for W1

Last week we talked about the delete-opened-file trick that hackers use to hide themselves (run an executable and immediately delete the executable so that the administrator cannot find clues about what kind of process is being run).

I also did a classroom demo of how the disk space of a file can’t be released until the process that opened it has been shut down. If you want to reproduce that in Google Colab, here are the commands:

# create a dummy big file
dd if=/dev/zero of=bigfile.txt bs=4M count=1000
python3
>>> f = open("bigfile.txt")
>>> import os
>>> os.getpid() # get my process ID

....
# now remove the big file
rm bigfile.txt

# open another terminal window in TMUX with ctrl-b c
# replace [PID] below with the process ID printed by os.getpid()
cd /proc/[PID]/fd

# you can see the opened files of the python process,
# including the deleted big file (its link target is marked "(deleted)")
ls -l

....
# use ctrl-b n to switch back to the previous TMUX window
# (the python process)
# you are still able to read the deleted file. The file disappears from ls, but it is
# not cleaned up by the OS because a process still keeps it open
>>> b = f.read()

# kill the python process
kill [PID]
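
Seen from the administrator's side, both the hidden executable and the space-holding deleted file leave a trace in /proc: the link target of /proc/[PID]/exe or /proc/[PID]/fd/N ends in " (deleted)". The Python code below is an added example, not part of the original worksheet; the function names and the sample process tree (PIDs and paths) are constructed for illustration.

```python
import os
import tempfile
DELETED = " (deleted)"  # suffix Linux appends to the link target of an unlinked file

def _link(path):
    try:
        return os.readlink(path)
    except OSError:                     # no permission, or the process just exited
        return None

def find_deleted(proc_root="/proc"):
    """Return {pid: {"exe": target or None, "fds": {fd: target}}} for deleted targets."""
    findings = {}
    for name in os.listdir(proc_root):
        if not name.isdigit():          # only numeric entries are processes
            continue
        base = os.path.join(proc_root, name)
        exe = _link(os.path.join(base, "exe"))
        exe = exe if exe and exe.endswith(DELETED) else None
        fds = {}
        try:
            fd_names = os.listdir(os.path.join(base, "fd"))
        except OSError:                 # another user's process, or it is gone
            fd_names = []
        for fd in fd_names:
            target = _link(os.path.join(base, "fd", fd))
            if target and target.endswith(DELETED):
                fds[int(fd)] = target
        if exe or fds:
            findings[int(name)] = {"exe": exe, "fds": fds}
    return findings

def build_sample_proc():
    """Constructed stand-in for /proc: pid 101 is clean, pid 202 deleted its files."""
    root = tempfile.mkdtemp()
    layout = {  # constructed sample data, not taken from a real system
        "101": ("/usr/bin/python3", {"0": "/dev/pts/0", "3": "/home/u/notes.txt"}),
        "202": ("/tmp/payload (deleted)", {"0": "/dev/null", "3": "/content/bigfile.txt (deleted)"}),
    }
    for pid, (exe, fds) in layout.items():
        os.makedirs(os.path.join(root, pid, "fd"))
        os.symlink(exe, os.path.join(root, pid, "exe"))
        for fd, target in fds.items():
            os.symlink(target, os.path.join(root, pid, "fd", fd))
    os.mkdir(os.path.join(root, "sys"))  # non-numeric entry, must be skipped
    return root

if __name__ == "__main__":
    print(find_deleted(build_sample_proc()))  # scan the constructed tree
```

Calling find_deleted() with no argument scans the live /proc (run it as root to see other users' processes). A deleted executable is not always malicious, since a package upgrade that replaces the binary of a running service produces the same marker, so treat a hit as something to triage.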

Here’s another movie that shows how hackers use tools to exploit a bug in the OS and get root permission through privilege escalation.
