From owner-freebsd-security Tue May 4 23:57:13 1999
Delivered-To: freebsd-security@freebsd.org
Received: from rover.village.org (rover.village.org [204.144.255.49]) by hub.freebsd.org (Postfix) with ESMTP id 9A33115BD4 for ; Tue, 4 May 1999 23:57:10 -0700 (PDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (harmony.village.org [10.0.0.6]) by rover.village.org (8.9.3/8.9.3) with ESMTP id AAA12776; Wed, 5 May 1999 00:56:25 -0600 (MDT) (envelope-from imp@harmony.village.org)
Received: from harmony.village.org (localhost.village.org [127.0.0.1]) by harmony.village.org (8.9.3/8.8.3) with ESMTP id AAA08261; Wed, 5 May 1999 00:56:23 -0600 (MDT)
Message-Id: <199905050656.AAA08261@harmony.village.org>
To: Unknow User
Subject: Re: Security advisories
Cc: security@FreeBSD.ORG
In-reply-to: Your message of "Tue, 04 May 1999 19:56:36 -0300." <372F7B24.E352AEFF@tdnet.com.br>
References: <372F7B24.E352AEFF@tdnet.com.br> <372E4911.3A384379@tdnet.com.br> <199905042049.OAA04590@harmony.village.org>
Date: Wed, 05 May 1999 00:56:23 -0600
From: Warner Losh
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

In message <372F7B24.E352AEFF@tdnet.com.br> Unknow User writes:
: You really helped me, but where can i get such fixes?
: Is there any central site?

Yes. You will likely want to keep current with at least the kernel
portion of -stable. Fixes are committed there from time to time.
Sometimes these have security implications, other times they don't.
It is hard to know a-priori which ones will result in a potentially
exploitable DoS, and which ones won't. The committers generally don't
send me a heads up when it could. Often times it is months later that
an exploit comes to light.

See the handbook section on keeping current with FreeBSD for details
on how to get the latest stable branch.

: When a user deletes a file, the OS only removes its inode, is there any
: utils that writes 1/0 to the Hard Disk blocks ?

Not that I'm aware of. The OS will never give those "dirty" blocks to
a user w/o first zeroing them. They are still available on the raw
device should you have good reason to expunge them from the disk.

: And about memory, is there any utils that fill in memory with 1/0 ?

No. Again, the OS doesn't give out dirty memory pages, so this
generally isn't a problem. The only time it might be a problem is if
a user breaks root and starts snooping in memory. However, if that
happens, the active memory can be targeted and you likely have bigger
problems to worry about.

Warner