Date: Mon, 13 Oct 1997 22:50:26 +0100 From: Colman Reilly <careilly@monoid.cs.tcd.ie> To: Brian Mitchell <brian@firehouse.net> Cc: freebsd-security@FreeBSD.ORG Subject: Re: C2 Trusted FreeBSD? Message-ID: <199710132150.WAA16921@monoid.cs.tcd.ie> In-Reply-To: Message from Brian Mitchell dated today at 17:15.
next in thread | raw e-mail | index | archive | help
> This is defined as follows: > "All authorizations to the information contained iwthin a storage object > shall be revoked prior to initial assignment, allocation or reallocation > to a subject from the TCB's pool of unused storage objects. No > information, including encrypted representations of information, produce d > by a prior subject's actions is to be available to any subject that > obtains access to an object that has been released back to the system." > > Basically, we need to purge all memor when it is allocated, or > deallocated. > yah, when we release something back into a system, we have to bzero() the contents, or something similar. Well, no we need to ensure that they're zeroed before anyone lese gets them. How much does bzero() cost? I was wondering if it would be more efficient to do a background garbage collector style thing that would zero things in idle time and would only zero stuff on demand if it hand't been cleared. Colman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710132150.WAA16921>