Dirty COW is a computer security vulnerability that was discovered in the Linux kernel in 2016. It is tracked as CVE-2016-5195. Dirty COW is a root privilege escalation exploit that attacks the copy-on-write mechanism in the Linux kernel, hence the "COW" in Dirty COW. The proof of concept can be found here.
The vulnerability had existed in the Linux kernel since 2007 but was not discovered until 2016, by Phil Oester.
File Permissions
Unix and Linux provide Read (r), Write (w) and Execute (x) permissions for every file on the system. If you run ls -l, every file is listed along with its permissions.
Permissions are assigned to three classes: User, Group and Others. Each class gets its own r, w, x permissions. This is well explained by the diagram shown below:
Owner permissions − The owner’s permissions determine what actions the owner of the file can perform on the file.
File Systems In Linux
Linux works on the concept of virtual file systems. Everything on a Linux/Unix system is a file. Here is a brief look at the file system structure:
This directory structure is followed in all Linux distributions and is similar to a Unix file system. Whenever a Linux system boots, this virtual file system is mounted. Each directory in this tree has its own significance.
/bin - The bin directory stores all the Linux command binaries.
Every computer follows a standard boot sequence when it starts up.
BIOS (Basic Input Output System)
The CPU runs an instruction in memory for the BIOS. This is a jump instruction that transfers the instruction pointer to the code of the BIOS start-up program.
The BIOS runs the Power On Self Test. It is a process performed by firmware or software routines immediately after a computer or any digital device is powered on.
Linux uses completely different naming conventions for drives than Windows does. In Linux, drives are named /dev/sda, /dev/sdb, /dev/sdc and so on.
Each drive has its own partition table that describes the layout of the partitions on the drive. MBR, GPT, etc. are the different partition table standards in use. The MBR partition scheme is quite old and is rarely used due to limitations such as:
It does not allow the configuration of more than four main partitions.
What is the $PATH environment variable?
Every Linux and Unix system has several environment variables, which are dynamic variables essential for running several processes in the system. $HOME and $env are some of the well-known environment variables.
The $PATH environment variable stores all the paths where one can find the binary executables for all the commands that we use.
Whenever a command is invoked from the terminal, all the paths in the $PATH environment variable are looked up, and if the binary is found, the command is executed.