Changes between Version 22 and Version 23 of EducationalAssignments/SecurityLayerPartTwo

Changes between Version 22 and Version 23 of EducationalAssignments/SecurityLayerPartTwo

Please note that these Trac pages are no longer being updated. Wiki contents/documentation have moved to GitHub.

Changes between Version 22 and Version 23 of EducationalAssignments/SecurityLayerPartTwo

Please note that these Trac pages are no longer being updated. Wiki contents/documentation have moved to GitHub.

Changes between Version 22 and Version 23 of EducationalAssignments/SecurityLayerPartTwo

Show
Ignore:
Timestamp:
05/19/12 06:09:10 (7 years ago)
Author:
ericms
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • EducationalAssignments/SecurityLayerPartTwo

    v22 v23  
    5151[[BR]] 
    5252=== Examples of tests === 
    53 Test cases are briefly described in [wiki:EducationalAssignments/SecurityLayerPartOne SecurityLayerPartOne] and [wiki:RepyV2SecurityLayers].  However, these examples may not be detailed enough, hence listed here are a series of examples of test cases: 
    54 ==== Test case 1 ==== 
     53Test cases are briefly described in [wiki:EducationalAssignments/SecurityLayerPartOne SecurityLayerPartOne] and [wiki:RepyV2SecurityLayers]. Below is another example of a test case you may want to consider.  This test case gives the right 'style' for your all your test cases, but lacks in the number of test cases.  A good attack will include many test cases. 
     54==== Test case ==== 
    5555{{{ 
    5656# Open a file 
    57 myfile=openfile("something.file",True) 
     57myfile=openfile("look.txt",True) 
    5858  
    5959# Attempt to write "MZ" to the file 
    6060try: 
    61   myfile.writeat("MZ",0) 
     61        myfile.writeat("MZ",0) 
    6262  
    6363# It raised an Exception (as it was supposed to): 
    6464except ValueError: 
    65   pass 
     65  log("The security layer correctly blocked the write!!!") 
    6666  
    67 # No Exception was raised: 
     67# No Exception was raise 
    6868else: 
    6969  log("Wrote an MZ!!!") 
     
    7171finally: 
    7272  # Close the file after our attempt. 
    73   myfile.close() 
     73        myfile.close() 
    7474}}} 
    7575==== Code analysis ==== 
    76 In this case we are verifying the security of the reference monitor.  This code attempts to write "MZ" to the file directly. First the file is opened using myfile=openfile("something.file",True). Next myfile.writeat("MZ",0) tries to write "MZ" to the file. The 0 refers to an offset of zero. The try: statement tells the program to "try" this case. Notice that the except is executed if an error is raised. If the security layer fails the test then the else statement is executed. The finally: statement will always run, closing the file.   
     76It is important to keep in mind that only lowercase file names are allowed.  So  in the above code, specifically: 
     77 
     78{{{ 
     79 
     80# Open a file 
     81myfile=openfile("look.txt",True) 
     82 
     83}}} 
     84look.txt is a valid file name, however Look.txt is not.  Examples of other invalid files names are, look@.txt, look/.txt, and look().txt.  Essentially all non-alphanumeric characters are not allowed.   
     85 
     86 
     87In this case we are verifying the security of the reference monitor.  This code attempts to write "MZ" to the file directly. First the file is opened using myfile=openfile("look.txt",True). Next myfile.writeat("MZ",0) tries to write "MZ" to the file. The 0 refers to an offset of zero. The try: statement tells the program to "try" this case. Notice that the except is executed if an error is raised. If the security layer fails the test then the else statement is executed. The finally: statement will always run, closing the file.   
    7788 
    7889=== Hints and Ideas for testing ===