Access Control Lists (ACL)


An access control list (ACL) is a list of entries, each stating which party (a user, group, host or network) is allowed or denied which kind of access to a given resource.

  • often pronounced “ackles”

Types of Access Control Lists

  • File system ACLs
  • Network ACLs

File System ACLs

File system ACLs define who can read/write/execute files.

Most file systems start from three permission bits per file, applied separately to the owner, the owning group and everyone else:

  • read
  • write
  • execute (on a directory: permission to enter it and look up names inside it)

Extended ACLs (POSIX.1e on Linux, NTFS DACLs on Windows) keep these bits but add entries for further named users and groups, and NTFS also allows explicit deny entries.

A single file or directory can therefore carry several entries at once:

  • one per named user
  • one per named group

Which entry applies to a request depends on the order in which the file system matches them (owner first, then named users, then groups, then everyone else on POSIX systems), so the effective permission is not simply the union of every entry that mentions the caller.
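The matching order above is easiest to see in code. The evaluator below is an added example written for these notes, not code from any real file system; it follows the POSIX.1e rules documented in acl(5) (owner entry, named users, owning group and named groups capped by a mask, then "other"), and the file, users and groups it checks are constructed sample data.

```python
"""Evaluate a POSIX.1e-style file ACL, the model behind getfacl/setfacl.

Added example for these notes, not code from any real file system. The
entry types, the mask and the matching order follow the acl(5) man page;
the file, users and groups below are constructed sample data.
"""
from dataclasses import dataclass, field

R, W, X = 4, 2, 1   # permission bits, same values chmod uses


@dataclass
class Acl:
    owner: str
    owner_group: str
    user_obj: int                        # ACL_USER_OBJ: the file owner
    group_obj: int                       # ACL_GROUP_OBJ: the owning group
    other: int                           # ACL_OTHER: everyone else
    users: dict = field(default_factory=dict)    # ACL_USER entries, name -> bits
    groups: dict = field(default_factory=dict)   # ACL_GROUP entries, name -> bits
    mask: int = R | W | X                # ACL_MASK caps named users and all groups


def check(acl: Acl, uid: str, gids: set, want: int) -> bool:
    """True if a process running as uid (member of gids) gets every bit in want."""
    # 1. Owner: only the owner entry is consulted, even if a group entry
    #    would have granted more. This is why chmod 000 on your own file
    #    locks you out although your group may still have access.
    if uid == acl.owner:
        return (want & acl.user_obj) == want
    # 2. Named user entry, limited by the mask.
    if uid in acl.users:
        return (want & acl.users[uid] & acl.mask) == want
    # 3. Owning group and named groups: granted if ANY matching entry,
    #    after the mask, contains the requested bits.
    matched = False
    candidates = [(acl.owner_group, acl.group_obj)] + list(acl.groups.items())
    for name, bits in candidates:
        if name in gids:
            matched = True
            if (want & bits & acl.mask) == want:
                return True
    if matched:
        return False   # a group entry applied but none was sufficient
    # 4. No entry matched: fall through to "other".
    return (want & acl.other) == want


# Constructed sample, what "getfacl report.txt" would print as
#   user::rw-  user:bob:rw-  group::r--  group:audit:r--  mask::r--  other::---
REPORT = Acl(owner="alice", owner_group="finance",
             user_obj=R | W, group_obj=R, other=0,
             users={"bob": R | W}, groups={"audit": R}, mask=R)


def demo() -> dict:
    """Results a practitioner should be able to predict before running this."""
    return {
        "alice writes":            check(REPORT, "alice", {"finance"}, W),
        "bob writes (masked)":     check(REPORT, "bob", set(), W),
        "carol in audit reads":    check(REPORT, "carol", {"audit"}, R),
        "dave in finance writes":  check(REPORT, "dave", {"finance"}, W),
        "eve reads":               check(REPORT, "eve", set(), R),
    }


if __name__ == "__main__":
    for label, allowed in demo().items():
        print(f"{label:26} {'allow' if allowed else 'deny'}")
```

Two of the results are the ones that surprise people in practice: bob's entry says rw- but the mask of r-- cuts it to read-only (getfacl prints this as "#effective:r--"), and the owner check short-circuits, so an owner entry of --- denies the owner even when the owning group is granted access.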

Network ACLs

Network ACLs define which traffic may reach a network resource.

  • permissions are binary in nature: allow or deny
  • rules apply to traffic (packets or connections), not to authenticated users
  • rules are checked in order and the first match decides; traffic that matches no rule is normally dropped by an implicit final deny

Typically used to filter access based on identifiers used for network transactions, such as:

  • IP addresses
  • Media Access Control (MAC) addresses
  • Ports

MAC Address Filtering

Media Access Control (MAC) addresses are unique identifiers assigned to each network interface by its manufacturer.

  • MAC address filtering is one of the simplest forms of network ACL, used on switch ports and wireless access points
  • the address only travels as far as the local link; past the first router the source MAC is the router's, so it cannot be filtered on further away
  • the operating system can override the burned-in address in software, so it is trivially spoofed and a poor identifier for an ACL

IP Address Filtering

An IP address identifies an interface on a network that uses the Internet Protocol for communication; it is unique within that network, but not globally (private ranges behind NAT reuse the same addresses).

  • can filter on an individual address or on an entire range (a CIDR block)
  • source addresses are easy to forge in one-way traffic such as UDP; a TCP connection requires completing the handshake, which makes blind spoofing harder, but NAT and shared hosts still mean one address is not one party
  • addresses change often (DHCP leases, mobile devices, cloud instances), so address-based rules go stale

Port Filtering

A network port is a 16-bit number attached to one side of a connection between two devices; it identifies the application to which traffic should be delivered.

  • services and apps use well-known ports (conventions, not rules: any service can listen on any port, so a port-only rule identifies the application only loosely)
    • FTP uses ports 20 (data) and 21 (control)
    • Internet Message Access Protocol (IMAP) uses port 143 for email
    • SSH uses port 22 for remote connections
  • port numbers run from 0 to 65535; port 0 is reserved, leaving 65,535 usable ports

Combinations

Combining several attributes in one rule gives a tighter match than any single attribute on its own.

A socket address is the combination of an IP address and a port; a TCP or UDP connection is identified by the full 5-tuple (protocol, source address, source port, destination address, destination port).

  • used to allow or deny traffic between one or more addresses and one or more specific applications, rather than all traffic from an address
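The network ACL sections above (ordered rules, allow/deny on address ranges and ports, implicit final deny, combining attributes) come together in the evaluator below. It is an added example written for these notes; the rule syntax ("allow|deny proto src_cidr dst_port") is invented for illustration and is not any vendor's format, and the two ACLs and the flows checked against them are constructed. The shadowed() helper goes beyond the notes: it flags the classic ordering mistake where a broad allow placed before a narrow deny makes the deny unreachable.

```python
"""Ordered, first-match network ACL over constructed packet flows.

Added example for these notes, not the syntax of any vendor's ACLs.
The rule format ("allow|deny proto src_cidr dst_port") and all
addresses below are constructed for illustration.
"""
import ipaddress
from dataclasses import dataclass
from typing import List, Optional, Tuple, Union

Network = Union[ipaddress.IPv4Network, ipaddress.IPv6Network]


@dataclass(frozen=True)
class Rule:
    action: str              # "allow" or "deny"
    proto: str               # "tcp", "udp" or "any"
    src: Network             # source address range
    dst_port: Optional[int]  # None matches any destination port


def parse_acl(text: str) -> List[Rule]:
    rules = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments and blank lines
        if not line:
            continue
        action, proto, src, port = line.split()
        if action not in ("allow", "deny"):
            raise ValueError(f"bad action in rule: {raw!r}")
        rules.append(Rule(action, proto.lower(),
                          ipaddress.ip_network(src, strict=False),
                          None if port == "any" else int(port)))
    return rules


def matches(rule: Rule, src_ip: str, dst_port: int, proto: str) -> bool:
    ip = ipaddress.ip_address(src_ip)
    return (rule.proto in ("any", proto)
            and ip.version == rule.src.version
            and ip in rule.src
            and rule.dst_port in (None, dst_port))


def evaluate(rules: List[Rule], src_ip: str, dst_port: int,
             proto: str = "tcp") -> Tuple[str, Optional[int]]:
    """First matching rule wins; no match means implicit deny (index None)."""
    for i, rule in enumerate(rules):
        if matches(rule, src_ip, dst_port, proto):
            return rule.action, i
    return "deny", None


def shadowed(rules: List[Rule]) -> List[int]:
    """Indices of rules that can never fire because one earlier rule already
    covers every packet they would match. A rule hidden only by the union of
    several earlier rules is not detected by this simple check."""
    dead = []
    for j, later in enumerate(rules):
        for earlier in rules[:j]:
            if (earlier.proto in ("any", later.proto)
                    and earlier.src.version == later.src.version
                    and later.src.subnet_of(earlier.src)
                    and earlier.dst_port in (None, later.dst_port)):
                dead.append(j)
                break
    return dead


# Constructed ACLs. The first has the classic ordering mistake: the broad
# allow comes before the narrow deny it was meant to carve out.
BROKEN_ACL = """
allow tcp 10.0.0.0/8  22     # SSH from the corporate range
deny  tcp 10.0.5.0/24 22     # ...but not from the guest subnet (never reached)
allow tcp 0.0.0.0/0   443
deny  any 0.0.0.0/0   any    # explicit final deny
"""

FIXED_ACL = """
deny  tcp 10.0.5.0/24 22     # specific exception first
allow tcp 10.0.0.0/8  22
allow tcp 0.0.0.0/0   443
deny  any 0.0.0.0/0   any
"""

if __name__ == "__main__":
    for name, text in (("broken", BROKEN_ACL), ("fixed", FIXED_ACL)):
        rules = parse_acl(text)
        print(name, "guest host 10.0.5.7 -> :22 =", evaluate(rules, "10.0.5.7", 22),
              "shadowed rules:", shadowed(rules))
```

Against BROKEN_ACL a guest host reaches SSH because rule 0 matches first and rule 1 is dead; the same flow is denied by FIXED_ACL, and a flow that no rule mentions is denied with index None even when the ACL has no explicit final deny.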

Weakness of ACLs

ACLs are vulnerable to the confused deputy problem.

A confused deputy arises when software with access to a resource (the deputy) holds more permission than the user on whose behalf it acts, and uses its own permission to carry out the user's request without checking whether the user would have been allowed to do it directly. An ACL answers "may this process access this resource?", and the process is the deputy, so the check passes.

Many attacks exploit this by tricking the deputy into acting for the attacker, often by getting the user, or the user's browser, to take some action on the attacker's behalf (cross-site request forgery is the best-known web instance).
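The problem in miniature, as an added example written for these notes (the service, principals, paths and authority table are all constructed): a privileged export service writes a report wherever the requesting user points it. The vulnerable method consults the ACL for the service's own identity, so the ACL says yes; the fixed method first asks whether the requester could have written that path alone.

```python
"""The confused deputy, modeled as a privileged export service.

Added example for these notes; the service, principals and paths are
constructed. The pattern is the classic one: a program that runs with
more authority than its caller writes wherever the caller points it.
"""
# Constructed authority table: which principals may write which files.
# "report-svc" is the deputy: it needs its own config file plus every
# user's report file, so it is more privileged than any single user.
WRITE_ACL = {
    "/srv/reports/alice.txt": {"alice", "report-svc"},
    "/srv/reports/bob.txt":   {"bob", "report-svc"},
    "/etc/report-svc.conf":   {"root", "report-svc"},
}


def may_write(principal: str, path: str) -> bool:
    return principal in WRITE_ACL.get(path, set())


class ReportService:
    """Runs as 'report-svc'. Users ask it to export a report to a path they choose."""
    SELF = "report-svc"

    def __init__(self):
        self.written = []     # stands in for actual file writes

    def export_confused(self, requester: str, path: str) -> str:
        # Vulnerable: the ACL is consulted for the deputy's own identity;
        # the requester's authority over `path` is never considered.
        if not may_write(self.SELF, path):
            raise PermissionError(path)
        self.written.append(path)
        return path

    def export_checked(self, requester: str, path: str) -> str:
        # Fixed: the deputy only acts where the requester could have acted
        # alone, and only then uses its own privilege to do the write.
        if not may_write(requester, path):
            raise PermissionError(f"{requester} may not write {path}")
        if not may_write(self.SELF, path):
            raise PermissionError(path)
        self.written.append(path)
        return path


def try_export(requester: str, path: str, use_fixed: bool) -> bool:
    """Fresh service, one request; True if the file ended up written."""
    svc = ReportService()
    export = svc.export_checked if use_fixed else svc.export_confused
    try:
        export(requester, path)
    except PermissionError:
        return False
    return path in svc.written


if __name__ == "__main__":
    # bob has no right to the config file, but the deputy does.
    print("confused deputy overwrote config:", try_export("bob", "/etc/report-svc.conf", False))
    print("checked deputy overwrote config: ", try_export("bob", "/etc/report-svc.conf", True))
```

The checked version still relies on the deputy remembering to ask on the requester's behalf for every resource it touches. The more robust fix from the capability literature is to stop accepting names at all: the user hands the deputy an already-opened handle for the destination, so the deputy cannot designate anything the user could not open.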