
Package     LOC    Programs  Time (m:s)  Error Traces (Real)  Error Traces (Total)
Apache      229K   2         :45         1                    4
At          6K     2         :05         0                    0
BIND        279K   1         :53         0                    1
OpenSSH     59K    3         :23         2                    8
Postfix     94K    3         :17         0                    2
Samba       254K   3         1:53        0                    5
Sendmail    222K   1         :12         0                    0
VixieCron   4K     2         :05         0                    0
(a) Performance of MOPS on Property 1: “A process should drop privilege from all its user IDs before calling execl, popen, system, or any of their relatives.”

Package     LOC    Programs  Time (m:s)  Error Traces (Real)  Error Traces (Total)
Apache      229K   2         :09         0                    0
At          6K     2         :05         0                    0
BIND        279K   1         :03         0                    0
OpenSSH     59K    3         :17         0                    0
Postfix     94K    3         :12         0                    0
Samba       254K   3         :56         0                    0
Sendmail    222K   1         :22         0                    0
VixieCron   4K     2         :05         0                    0
(b) Performance of MOPS on Property 2: “After calling chroot, a process should immediately call chdir("/") to change its working directory to the root of the sub-filesystem.”

Package     LOC    Programs  Time (m:s)  Error Traces (Real)  Error Traces (Total)
Apache      229K   14        :43         0                    1
At          6K     2         :06         0                    6
BIND        279K   30        1:08        0                    3
OpenSSH     59K    13        :50         0                    12
Postfix     94K    33        2:18        0                    3
Samba       254K   25        13:14       1                    2
Sendmail    222K   24        1:53        0                    8
VixieCron   4K     2         :07         1                    2
(c) Performance of MOPS on Property 3: “Avoid race conditions in file system access.”

Package     LOC    Programs  Time (m:s)  Error Traces (Real)  Error Traces (Total)
Apache      229K   1         :14         1                    1
At          6K     1         :04         1                    1
BIND        279K   0         :00         0                    0
OpenSSH     59K    2         :58         1                    2
Postfix     94K    2         :46         0                    1
Samba       254K   1         :52         1                    1
Sendmail    222K   1         14:12       0                    3
VixieCron   4K     1         :04         2                    2
(d) Performance of MOPS on Property 4: “Do not open a file in writing mode to stdout or stderr, no matter which file descriptors are open when the process starts.”

Package     LOC    Programs  Time (m:s)  Error Traces (Real)  Error Traces (Total)
Apache      229K   14        :42         0                    0
At          6K     2         :05         0                    0
BIND        279K   30        1:11        0                    0
OpenSSH     59K    13        1:01        2                    2
Postfix     94K    33        3:20        0                    0
Samba       254K   25        28:38       0                    0
Sendmail    222K   24        1:55        0                    0
VixieCron   4K     2         :06         0                    0
(e) Performance of MOPS on Property 5: “A program should: (1) never call mktemp, tmpnam, tempnam, or tmpfile; (2) never reuse the parameter x in mkstemp(x); (3) call umask(0077) before mkstemp.”

Figure 7. Running time of MOPS and number of error traces reported by MOPS on five properties