From owner-freebsd-security Wed Oct 15 19:26:54 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id TAA27062 for security-outgoing; Wed, 15 Oct 1997 19:26:54 -0700 (PDT) (envelope-from owner-freebsd-security) Received: from bob.tri-lakes.net ([207.3.81.6]) by hub.freebsd.org (8.8.7/8.8.7) with SMTP id TAA27054 for ; Wed, 15 Oct 1997 19:26:47 -0700 (PDT) (envelope-from cdillon@tri-lakes.net) Received: from [207.3.81.149] by bob.tri-lakes.net (NTMail 3.02.13) with ESMTP id na301379 for ; Wed, 15 Oct 1997 21:26:37 -0500 Message-ID: X-Mailer: XFMail 1.1 [p0] on FreeBSD Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 8bit MIME-Version: 1.0 In-Reply-To: Date: Wed, 15 Oct 1997 21:22:46 -0000 (GMT) From: Chris Dillon To: Narvi Subject: Re: C2 Trusted FreeBSD? Cc: Terry Lambert , security@FreeBSD.ORG, benedict@echonyc.com Sender: owner-freebsd-security@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On 15-Oct-97 Narvi wrote: > >On Wed, 15 Oct 1997, Snob Art Genre wrote: > >> On Tue, 14 Oct 1997, Chris Dillon wrote: >> >> >> > The point is, if someone stole your SIMMs out of your BOX to try and >steal >> > data from them, they're out of luck.. If they steal what you THINK is >a >> > totally blank hard drive or floppy disk that you previously wrote >> > sensitive data to, think again. This is why it is standard policy in >some >> > places for drives that went south to not just be thrown away, but >> > completely destroyed with a sledge-hammer. :-) >> > >Or in other words - C2 or not, we are going to need a modified ffs that >properly overwrites the freed (via unlink, truncate or other means) >storage on disk anyways? Not my area of expertise exactly, but from what I gather, yes. This would eat tremendous amounts of precious I/O, unless I suppose it was done at idle times, but that might defeat the purpose of it. --- Chris Dillon --- cdillon@tri-lakes.net --- Powered by FreeBSD, the best free OS on the planet ---- (http://www.freebsd.org)