The assignment is to write a print spooler. To do this, you will need to use a virtual machine; see the details below. A print spooler accepts files, both on stdin and on the command line, and copies them to some protected directory for eventual printing. It has to be able to read files that are readable only by that user; it also has to ensure that the command is not used to print files that that user isn't able to read. Eventually, another process finds jobs in that protected directory and copies them to the physical printer. We won't worry about that part in this assignment. So -- write a program that acts as the spooler. It has to copy files to some protected directory. It also has to create a log file of each print request, plus its success or failure. Again, this log file must be protected against unauthorized viewing or modification. You also need to write a program to list the queue -- the pending files, their owners, their sizes, and when they were submitted -- and to remove jobs from the queue. (Think "lpq" and "lprm".) Naturally, only the owner should be allowed to remove a job. Pay a lot of attention to test data selection. You must verify that the program can print everything it's supposed to be able to print, and that it can't print things that should be protected. Deliverables: Source code Test shell scripts that exercise the commands. You'll need several scripts, since you have to try printing as different users. You'll also need test files to print. A directory tree with all necessary directories and files used by the spooler, with appropriate permissions. The spooling command must be called hwlpr; the queue list command must be called hwlpq. DO NOT use lpr and lpq; those will cause confusion with the system's versions of the commands. A 1-2 page writeup explaining the security theory of operation. This will count as the written part of this assignment; details on it will be posted in a day or so. Instead of submitting the usual tar file, submit just the documentation as a written assignment. The TAs will log in to your VM to test your program. ---------------------------------------------------------------------- Virtual Machine: A virtual machine appears to be a complete computer, running some operating system; in fact, though, it is just an application running on some other computer. The advantage of using virtual machines (VMs) is that each user can have full privileges, including root privileges. Instructions on using VMware are at http://www.cs.columbia.edu/~smb/classes/f07/vmware.pdf Initially, you will log in as root (you will receive the machine name and password). The first thing to do is to change the password to something else. Note carefully: your documentation MUST include the new password; the TAs will log in to your VM to test your code. Of course, this means that you SHOULD NOT use your normal password. Next, you'll have to create two or three logins: /usr/sbin/useradd user1 /usr/sbin/useradd user2 etc. Create at least two user accounts -- users who will try to use your print spooler -- plus an account for the spooler itself to run under. To use one of these accounts, Instead of logging in as those users, it's easier to log in as root and then do su user1 You may use either setuid or message-passing. I suspect that setuid is easier, since otherwise you need to learn some strange Linux primitives. That said, if you want to use message-passing, you're welcome to. If you compile your program as the lpr login, you can make it setuid by saying chmod +s filename If you compile it as root and you want it to run as, say, user hwlpr, you must do chown hwlpr filename chmod +s filename Note well: when you're running as root, you have the potential to destroy part or all of the VM. In that case, you'll have to contact CRF to get it restored, and you'll probably lose any files you had created on the VM. Note that last point carefully: VMs have their own file system; you are well-advised to keep copies of all your work on your CS account's home directory.