Added 6.858 lec 5 part 1

hrushikeshrv · Sep 5, 2024 · baa02eb · baa02eb
1 parent db35d7a
commit baa02eb
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 1 deletion.
diff --git a/6.858/index.md b/6.858/index.md
@@ -20,4 +20,5 @@ Taught by Prof. Nikolai Zeldovich at MIT in Spring, 2020.
 1. [Lecture 1: Introduction]({% link 6.858/lec1.md %})
 2. [Lecture 2: Security Architecture]({% link 6.858/lec2.md %})
 3. [Lecture 3: User Authentication]({% link 6.858/lec3.md %})
-4. [Lecture 4: Buffer Overflows]({% link 6.858/lec4.md %})
+4. [Lecture 4: Buffer Overflows]({% link 6.858/lec4.md %})
+5. [Lecture 5: Privilege Separation]({% link 6.858/lec5.md %})
diff --git a/6.858/lec5.md b/6.858/lec5.md
@@ -0,0 +1,13 @@
+---
+layout: default
+title: "Lecture 5 - Privilege Separation"
+parent: MIT 6.858 - Computer Systems Security
+nav_order: 5
+---
+
+# Lecture 5 - Privilege Separation
+Privilege separation is the practice of dividing your software into multiple independent services which each run in isolation. This way one service being compromised minimizes the chance of the attacker being able to compromise another service. It also reduces the attack surface.
+
+It is easy to describe the idea of privilege separation, but hard to actually implement it in practice. It is similar to how it is always recommended to make your software modular, but writing modular code is easier said than done.
+
+This week's paper describes the working of a web server - OKWS - which is written with the principle of privilege separation at its core.