
			        	CS736
                           REFEREE REPORT

Paper Title: Runtime Code Modification for Avoidance of License Server 
	     Authentication        

Paper Authors: Gregory Deych and Gokul Nadathur     

Referee: Sambavi Muthukrishnan

Please rate the paper from 5 (Excellent) to 1 (Unacceptable).

                Originality: 4

               Significance: 3

         Technical strength: 4

       Written presentation: 3

     Relevance to symposium: 

Your overall recommendation: 4


Please rate how confident you feel of  your assessment (due to factors 
such as closeness of topic to your area of expertise, level of detail 
at which you evaluated paper, etc.).

Confidence in review:

         4  =  ``I'm pretty well-versed in this topic''

Reviewer:
Please give very detailed comments to explain your ratings and/or 
to help the authors improve the paper.
---------------------------------------------------------------------------

Comments to Author(s):

This paper presents a generalized technique to override license server 
authentication by modification of the runtime binary of an application
through the proc file system. The paper has a couple of really interesting  
ideas  though a detailed explanation of certain parts is needed.

I have the following comments to make:

1. The process that you use to actually dynamically modify the  binary 
   using the proc file system requires to be elaborated. The explanation 
   for this is rather terse. All that is mentioned is that tools were 
   developed to be able to start/stop the process. Details on the tools 
   is missing.

2. How the difference between connect calls made to the printer server
   and X server from those made to the License server is made at run time
   is not clear to me. 

3. A more detailed explanation of how Figure 7 relates to the flow is needed.
   It seems to be out of the tone of the corresponding Section.

4. Roman letter numbering for the sections needs to be removed. I don't think
   that it is normally used.

5. In section II, you mention that the application uses the license file 
   to get the address of the license manager daemon. But it appears to me
   that the license file is available to the vendor daemon and not the 
   application. Anything wrong here?

6. There is no mention of the references you have used in the text. I think 
   that you need to add appropriate cross references.

7. The abstract needs to present more detail on the strategy employed for 
   runtime code modification.

The rest of the corrections ( typos and grammatical errors ) are marked in the paper.