This exam is due on Monday October 24 at the beginning of class. Unless other arrangements are made with the instructor, prior to this time, this exam will will not be accepted late. The answers to the exam will be submitted electronically as a single uuencoded shar file. This file should expand to a single directory, containing all of the answers to the questions, which has the same name as the user submitting the answers.

15 pts.
Describe how a posix compliant* shell could be implemented. In this discussion you should include the system calls necessary to implement each function. Include, but do not limit your discussion to the following points: * for this discussion, assume a posix compliant shell is a shell implemented with only posix system calls.

5 pts.
Discuss how you could add an additional globing feature, ^, which does a case insensitive expansion, to the shell described above. For example, ls ab^ , would list files ab and aB. Describe both how this feature could be implemented, and the implications of implementing such a feature.

10 pts.
Implement the unix leave utility. Discuss the weakness of using this utility in a window environment. Suggest additions/enhancements (of a non gui nature) to improve the functionality of this utility.

10 pts.
Discuss the dangers involved in allowing individuals to submit awk code to a http daemon to be executed. Give examples of dangerous/problem causing code. Suggest ways to minimize or eliminate the dangers caused by such code.

15 pts.
Using the forms feature of html, implement the login sequence depicted in this picture. The user connecting to this system types in a username and a password. The password should not be displayed.

If the username is not part of the system's database, the user is asked if they wish to apply for an account. To apply for an account the user must submit a username, real name, email address and an initial password. (note A) If the username submitted is unique, the system will add the user to it's database, and send the user mail stating that their account has been added, and send them to the KSU home page.

Users successfully loging into the system should be presented with a page containing their login name and a button that will take them to the KSU home page.

Please note, you are not dealing with the file /etc/password for this program. This program should maintain an independent user database.

10 pts.
Under VMS, it was possible for instructors to have access to a student's files. This access was closer to superuser access under UNIX than group access. (The student had no control over this access, and could not deny it by changing permissions). Design a utility, or series of utilities under UNIX which will give an instructor unlimited access to a subset of a students directory tree. You do not need to implement these utilities, however, you do need to provide sufficient algorithms, and pseudo-code to prove that you could implement them. Discuss any security problems created by these utilities.