Slashdot Mirror

← Back to Stories (view on slashdot.org)

Graph of Linux Vs. Windows System Calls

Posted by kdawson on from the linguini-or-angel-hair dept.

cgrayson recommends Richard Stiennon's blog on ZDNet — a post titled Why Windows is less secure than Linux shows a compelling graphical comparison between system calls on the two operating systems. The blogger tips Sana Security for the images. Quoting: "In its long evolution, Windows has grown so complicated that it is harder to secure... [T]hese images... are a complete map of the system calls that occur when a web server serves up [the same] single page of [HTML] with a single picture."

7 of 302 comments (clear)

  1. Re:FUD? by ejdmoo · · Score: 4, Informative

    Accurate or not, it's a graph of Apache vs. IIS calls, NOT Linux vs. Windows. Also old as hell.

    Another quality article from Slashdot.

  2. Re:FUD? by ajs · · Score: 4, Informative

    It's good that Slashdot is covering it, though. I do like the fact that we periodically get the chance to debunk some of the misinformation on the Web.

    Taken completely out of its original context, the graphs are a useful way to compare real-world examples of C and C++ calling models, though. You'll notice that IIS (C++) has these "clusters" of activity where one routine acts as a nexus for calls into many others. This is fairly standard practice in C++ where you might have an accessor that triggers lots of behavior. In the C version, there's a much more visually procedural pattern where a function calls a few others, and then returns to a function that calls its tree of functions, but might overlap with a few calls to the previous function's utility functions, etc.

  3. Re:Interesting by 0xABADC0DA · · Score: 4, Informative

    It's not hand drawn. They obviously used dot from graphviz. You can't mistake that layout once you've seen it.

  4. Re:Pudding graph by iusty · · Score: 3, Informative

    The article says syscalls, not function calls. The difference between calling models has no relation to syscalls, which are between userland and kernel space.

    More likely, the article shows the difference between Apache and IIS, on one side, and the glibc and however-it's-called windows' base library, on the other side.

  5. Re:This is more a comparison of efficiency to me. by SatanicPuppy · · Score: 3, Informative

    Except for the whole: "[T]hese images... are a complete map of the system calls that occur when a web server serves up [the same] single page of [HTML] with a single picture."

    RTFS: Read The Fucking Summary.

    --
    ad logicam Claiming a proposition is false because it was presented as the conclusion of a fallacious argument.
  6. Re:Poster? by EsbenMoseHansen · · Score: 3, Informative

    It looks as is if it was made by graphViz, which draws diagrams based on a textfile containing the dependencies. So it's probably fair enough in that sense, but the posting the number of edges and the number of nodes would probably be nice as well. Though I'd prefer the source for those 2 images :D

    --
    Religion is regarded by the common people as true, by the wise as false, and by rulers as useful.
  7. Re:Looks good. by Atmchicago · · Score: 3, Informative

    I agree with your question. I was thinking of a few ways to analyze the graphs:

    • Count the total number of nodes
    • Count the average number of edges coming out of each node

    The first gives us an idea of the total number of calls involved. The second gives us some idea of how many interactions each call is involved with - more branches would indicate more complexity.

    --

    You can lead a horse to water, but you can't make it dissolve.