Date: Wed, 15 Oct 1997 20:15:10 -0500 (CDT) From: "Matthew D. Fuller" <fullermd@futuresouth.com> To: Colman Reilly <careilly@monoid.cs.tcd.ie> Cc: "Christopher G. Petrilli" <petrilli@amber.org>, security@FreeBSD.ORG Subject: Re: C2 Trusted FreeBSD? (and what do we want anyway?) Message-ID: <Pine.BSF.3.96.971015201259.16975A-100000@shell.futuresouth.com> In-Reply-To: <199710151137.MAA20954@monoid.cs.tcd.ie>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 15 Oct 1997, Colman Reilly wrote: > I believe that it is totally acceptable > to do a single write over RAM, but that disk storage SHOULD be dealth with > seperately with an appropriate pattern. > This is a good idea, but watch the Linux people scream at our performance > then. :-) I'm not too sure of the low level code on this, but shouldn't it be possible to set some compile-time option for the code, or a kernel option, or even an rc.* option, that would enable the 'secure' disk over-writes, and leave it diabled by default? Then, we'd keep out performance, but have the option to have security too? Prob have to be a compile-time option somewhere, but someone who actually knows the source can jump in and give me 50 reasons it can't be done. *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-* | FreeBSD; the way computers were meant to be | * "The only reason I'm burning my candle at both ends, is * | that I haven't figured out how to light the middle yet."| * fullermd@futuresouth.com :-} MAtthew Fuller * | http://keystone.westminster.edu/~fullermd | *-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*-*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.96.971015201259.16975A-100000>