From owner-freebsd-current Tue Jun 13 10: 2:57 2000 Delivered-To: freebsd-current@freebsd.org Received: from sabre.velocet.net (sabre.velocet.net [198.96.118.66]) by hub.freebsd.org (Postfix) with ESMTP id C718237B9BF; Tue, 13 Jun 2000 10:02:51 -0700 (PDT) (envelope-from dgilbert@office.tor.velocet.net) Received: from office.tor.velocet.net (trooper.velocet.net [216.126.82.226]) by sabre.velocet.net (Postfix) with ESMTP id 9F7D513804B; Tue, 13 Jun 2000 13:02:45 -0400 (EDT) Received: (from dgilbert@localhost) by office.tor.velocet.net (8.9.3/8.9.3) id NAA40488; Tue, 13 Jun 2000 13:02:42 -0400 (EDT) (envelope-from dgilbert) From: David Gilbert MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Message-ID: <14662.26930.4825.366901@trooper.velocet.net> Date: Tue, 13 Jun 2000 13:02:42 -0400 (EDT) To: Dan Moschuk Cc: "Daniel C. Sobral" , David Gilbert , freebsd-current@FreeBSD.ORG Subject: Re: (thoughts on) the mktemp() patch. In-Reply-To: <20000613125511.C834@spirit.jaded.net> References: <14660.2642.194412.404753@trooper.velocet.net> <394537FE.9AD506CD@newsguy.com> <20000613125511.C834@spirit.jaded.net> X-Mailer: VM 6.75 under 20.4 "Emerald" XEmacs Lucid Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG >>>>> "Dan" == Dan Moschuk writes: Dan> I've avoided this conversation, but what would everyone think of Dan> a tmpfs type of solution with a security minded design? I took a Dan> brief look at phk's md driver, and it could be quite easily Dan> molded to do what I want to do. Things like a sysctl option to Dan> disallow symlinks in a tmpfs mounted directory I'm sure would Dan> make a few people happy. The downfall, for being memory backed, Dan> is it's wiped on a reboot (some people, however, consider this to Dan> be A Good Thing). Well... if you're going Whole Hog (tm), there's likely a litany of desirable options to a secure tmpfs. The ability to create small files that never swap to disk, for instance. This would be the case where I need to create a tmp file as the result of decrypting something to view with an external viewer. The ability to specify more restritive than just user credentials to access the file ... possibly a file that can only be acessed by an open file handle or by a random filename that doesn't show up in the directory listing. There is probably a longer list, too. Dave. -- ============================================================================ |David Gilbert, Velocet Communications. | Two things can only be | |Mail: dgilbert@velocet.net | equal if and only if they | |http://www.velocet.net/~dgilbert | are precisely opposite. | =========================================================GLO================ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message