Skip site navigation (1)Skip section navigation (2) 
Date:      Fri, 17 Oct 1997 22:39:16 -0600 (MDT)
From:      Wes Peters <softweyr@xmission.com>
To:        Terry Lambert <tlambert@primenet.com>
Cc:        chat@freebsd.org
Subject:   Re: C2 Trusted FreeBSD?
Message-ID:  <199710180439.WAA14607@obie.softweyr.ml.org>
In-Reply-To: <199710171817.LAA16458@usr06.primenet.com>
References:  <XFMail.971015212530.cdillon@tri-lakes.net> <199710171817.LAA16458@usr06.primenet.com>
next in thread | previous in thread | raw e-mail | index | archive | help 
Terry Lambert writes:
 > > >Or in other words - C2 or not, we are going to need a modified ffs that
 > > >properly overwrites the freed (via unlink, truncate or other means)
 > > >storage on disk anyways?
 > > 
 > > Not my area of expertise exactly, but from what I gather, yes.  This would
 > > eat tremendous amounts of precious I/O, unless I suppose it was done at
 > > idle times, but that might defeat the purpose of it.
 > 
 > This should be done on a block by block basis, and could be done
 > in a stacking layer on top of a variable granularity block store.

Yes, and there are some strategies that could be adopted to minimize the
impact of this.  Disk blocks are not immediately freed, but rather
returned to a queue of blocks to be overwritten; once overwritten they
are marked as freed.  The overwrites could be interleaved with normal
disk I/O head stepping algorithms, and/or performed during idle I/O
times unless needed in the free store.

It would be advantageous to allow multiple overwrite strategies as well,
specifying no overwrite for low-security situations like my workstation
at home, behind an infrequently connected firewall; single overwrite for
situations where you're not completely paranoid about your user base,
and multiple-overwrite with varying patterns for FreeBSD systems
installed in ballistic missile submarines.  ;^)

-- 
          "Where am I, and what am I doing in this handbasket?"

Wes Peters                                                       Softweyr LLC
http://www.xmission.com/~softweyr                       softweyr@xmission.com

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710180439.WAA14607>