An Operating system assigns a set of privileges to each process, determining the resources it can access. The highest level of privileges is administrative, supervisor, or root access, which grants root access to all functions and services of operating system. A key security issues in os design is to prevent or detect attempts by a user or malicious software (malware) from gaining unauthorised privileges on the system, particularly from gaining root access.
System access threats fall into general two categories:
Intruders and malicious software
Intruders or often outsiders. Intruder attacks range from benign to serious, with the goal of gaining access to a system or increasing the range of privileges accessible. Intruders can exploit system or software vulnerabilites such as buffer overflow or acquire protected information, such as user passwords. Malicious software or malware, is the most sophisticated type of threat to computer systems, involving bot application programs and utility program. Countermeasures are necessary to prevent these threats to insure the security of the operating system.
