As with homework 2, the the written assignment for homework 3 is
a security design document for the programming assignment.  In it,
you should explain the security decisions, designs, and features
of your program.

First, what are the threats against which you're defending?  Be
specific -- don't just recite the trilogy.  What are the threats
you are not defending against?

Second, explain how your program achieves those goals.  For any
files or directories you create, explain why you selected particular
ownership and modes.  What would happen with looser permissions?
Tighter ones?

Third, explain the privileges used by any privileged programs.
What are the privileges, how do they achive your goals, and how
are the priviliges acquired by those programs?

Fourth, describe anything else relevant to the security properties
of your program.

Specifically, you must answer the questions posed at the end of
the programming assignment.

Last, as described in the programming assignment, give the information
necessary for the TAs to test your code.

Don't waste time and space with routine statements about how security
is important, what confidentiality is, etc.  This isn't a report
to upper management; it's a design document from one professional
(you) to another (me) about a specific set of programs.

I believe that the length of the document will be 2-3 pages.  Don't
be alarmed if it's shorter; don't worry if it's longer unless it's
a lot longer.  I'm not concerned with "pretty", layout, fancy
graphics, or diagrams unless those are necessary to explain things
more clearly.