Structured Programming with go to Statements
ACM Computing Surveys (CSUR)
The qmail handbook
Running Qmail
The Cathedral and the Bazaar
A Flexible Containment Mechanism for Executing Untrusted Code
Proceedings of the 11th USENIX Security Symposium
Linux Security Modules: General Security Support for the Linux Kernel
Proceedings of the 11th USENIX Security Symposium
qmail
MAPbox: using parameterized behavior classes to confine untrusted applications
SSYM'00 Proceedings of the 9th conference on USENIX Security Symposium - Volume 9
Detecting format string vulnerabilities with type qualifiers
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Expanding and extending the security features of java
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Security of web browser scripting languages: vulnerabilities, attacks, and remedies
SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
A secure environment for untrusted helper applications confining the Wily Hacker
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
Confining root programs with domain and type enforcement (DTE)
SSYM'96 Proceedings of the 6th conference on USENIX Security Symposium, Focusing on Applications of Cryptography - Volume 6
A domain and type enforcement UNIX prototype
SSYM'95 Proceedings of the 5th conference on USENIX UNIX Security Symposium - Volume 5
Qmail Quickstarter: Install, Set Up and Run your own Email Server
Qmail Quickstarter: Install, Set Up and Run your own Email Server
Trust '08 Proceedings of the 1st international conference on Trusted Computing and Trust in Information Technologies: Trusted Computing - Challenges and Applications
Verifiable functional purity in java
Proceedings of the 15th ACM conference on Computer and communications security
NetAuth: supporting user-based network services
SS'08 Proceedings of the 17th conference on Security symposium
Proceedings of the ACM SIGOPS 22nd symposium on Operating systems principles
Resolving least privilege violations in software architectures
IWSESS '09 Proceedings of the 2009 ICSE Workshop on Software Engineering for Secure Systems
Measuring the interplay of security principles in software architectures
ESEM '09 Proceedings of the 2009 3rd International Symposium on Empirical Software Engineering and Measurement
Are text-only data formats safe? or, use this LATEX class file to Pwn your computer
LEET'10 Proceedings of the 3rd USENIX conference on Large-scale exploits and emergent threats: botnets, spyware, worms, and more
An SSH-based toolkit for user-based network services
LISA'09 Proceedings of the 23rd conference on Large installation system administration
Automated detection of least privilege violations in software architectures
ECSA'10 Proceedings of the 4th European conference on Software architecture
Making Linux protection mechanisms egalitarian with UserFS
USENIX Security'10 Proceedings of the 19th USENIX conference on Security
Privilege separation in HTML5 applications
Security'12 Proceedings of the 21st USENIX conference on Security symposium
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
ACM SIGOPS 24th Symposium on Operating Systems Principles
The scalable commutativity rule: designing scalable software for multicore processors
Proceedings of the Twenty-Fourth ACM Symposium on Operating Systems Principles
Hi-index | 0.00 |
The qmail software package is a widely used Internet-mail transfer agent that has been covered by a security guarantee since 1997. In this paper, the qmail author reviews the history and security-relevant architecture of qmail; articulates partitioning standards that qmail fails to meet; analyzes the engineering that has allowed qmail to survive this failure; and draws various conclusions regarding the future of secure programming.