======================================================================
	     CMSC 426/626 Principles of Computer Security
		       Prof. Krishna Sivalingam
			      Fall 2006
				Quiz 2
			  Date: Nov. 13, 2006
		       Time Alloted: 35 Minutes

       OPEN Book, OPEN Notes, OPEN COMPUTERS, CLOSED NEIGHBORS.
	      PLEASE TURN OFF VOLUME ON YOUR CELLPHONES.

YOU are NOT allowed to get your books, notes, etc. if you did not already
		  have them when you started class.

NAME: 

======================================================================

1. Explain the difference between viruses, worms and rootkits.

2. What Operating Systems have EAL4 classification? Do you
   trust these Operating Systems, i.e. have assurance in them? Why or
   Why not?

3. Identify the possible errors in this code sample:

#include <stdlib.h>
#define BUFSIZE 100

void foo(char *bar) {
/* allocate an automatic buffer */
char BUF[BUFSIZE];

/* copy bar into BUF */
strcpy(BUF, bar);
/* print it */
printf("%s\n", BUF);
}

int main() {
char *baz;
/* retrieve a pointer to the contents of the HOME environment variable
*/
baz = getenv("HOME");

foo(baz);
exit(0);
}


========================================================================



More space. 

========================================================================