From owner-freebsd-chat Wed Oct 15 23:17:13 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.7/8.8.7) id XAA08071 for chat-outgoing; Wed, 15 Oct 1997 23:17:13 -0700 (PDT) (envelope-from owner-freebsd-chat) Received: from obie.softweyr.ml.org ([199.104.124.49]) by hub.freebsd.org (8.8.7/8.8.7) with ESMTP id XAA08064 for ; Wed, 15 Oct 1997 23:17:09 -0700 (PDT) (envelope-from wes@xmission.com) Received: (from wes@localhost) by obie.softweyr.ml.org (8.7.5/8.6.12) id AAA12392; Thu, 16 Oct 1997 00:21:09 -0600 (MDT) Date: Thu, 16 Oct 1997 00:21:09 -0600 (MDT) Message-Id: <199710160621.AAA12392@obie.softweyr.ml.org> From: Wes Peters To: "Christopher G. Petrilli" CC: chat@freebsd.org Subject: Re: C2 Trusted FreeBSD? In-Reply-To: References: <199710150202.VAA21041@nospam.hiwaay.net> Sender: owner-freebsd-chat@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Christopher G. Petrilli writes: > It simply as to be cleared, that's all the requirements states. As for > deallocate/allocate, that's a "preference", and in fact can be done on > either because according to the TCSEC returning memory to the TCB (i.e. > kernel) is not technically a change of ownership because the TCB is not an > owner in the sense that this applies to. The TCB is trusted, therefore yo > ucan do the clear on allocate, which is substantially easier over the long > haul, and is what is commonly done. Right, I'd fallen into the trap of thinking of the system as "root." This is, of course, not true on secure systems. ;^) > And Microsoft claims that NT is C2---they just forget that you can't have > a network or floppy. :-) DEC made VMS C2 somewhere along the way, so I guess it wouldn't be that much of a trip to make VMS Jr. C2 as well. Which still doesn't answer the question "why would anybody want that?" ;^) -- "Where am I, and what am I doing in this handbasket?" Wes Peters Softweyr LLC http://www.xmission.com/~softweyr softweyr@xmission.com