From owner-freebsd-security  Wed Oct 15 18:15:36 1997
Return-Path: <owner-freebsd-security>
Received: (from root@localhost)
          by hub.freebsd.org (8.8.7/8.8.7) id SAA23859
          for security-outgoing; Wed, 15 Oct 1997 18:15:36 -0700 (PDT)
          (envelope-from owner-freebsd-security)
Received: from shell.futuresouth.com (shell.futuresouth.com [207.141.254.20])
          by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id SAA23854
          for <security@FreeBSD.ORG>; Wed, 15 Oct 1997 18:15:32 -0700 (PDT)
          (envelope-from fullermd@futuresouth.com)
Received: from shell.futuresouth.com (mail.futuresouth.com [207.141.254.21])
	by shell.futuresouth.com (8.8.5/8.8.5) with SMTP id UAA17424;
	Wed, 15 Oct 1997 20:15:10 -0500 (CDT)
Date: Wed, 15 Oct 1997 20:15:10 -0500 (CDT)
From: "Matthew D. Fuller" <fullermd@futuresouth.com>
To: Colman Reilly <careilly@monoid.cs.tcd.ie>
cc: "Christopher G. Petrilli" <petrilli@amber.org>, security@FreeBSD.ORG
Subject: Re: C2 Trusted FreeBSD? (and what do we want anyway?)
In-Reply-To: <199710151137.MAA20954@monoid.cs.tcd.ie>
Message-ID: <Pine.BSF.3.96.971015201259.16975A-100000@shell.futuresouth.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
X-Loop: FreeBSD.org
Precedence: bulk

On Wed, 15 Oct 1997, Colman Reilly wrote:

>      I believe that it is totally acceptable
>      to do a single write over RAM, but that disk storage SHOULD be dealth with
>      seperately with an appropriate pattern.
> This is a good idea, but watch the Linux people scream at our performance
> then. :-)

I'm not too sure of the low level code on this, but shouldn't it be
possible to set some compile-time option for the code, or a kernel option,
or even an rc.* option, that would enable the 'secure' disk over-writes,
and leave it diabled by default?  Then, we'd keep out performance, but
have the option to have security too?

Prob have to be a compile-time option somewhere, but someone who actually
knows the source can jump in and give me 50 reasons it can't be done.

*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
|       FreeBSD; the way computers were meant to be       |
* "The only reason I'm burning my candle at both ends, is *
| that I haven't figured out how to light the middle yet."|
*    fullermd@futuresouth.com      :-}  MAtthew Fuller    *
|      http://keystone.westminster.edu/~fullermd          |
*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*