Date: Thu, 18 Nov 1999 23:54:58 -0500 (EST) From: Garrett Wollman <wollman@khavrinen.lcs.mit.edu> To: Barrett Richardson <barrett@phoenix.aye.net> Cc: Wes Peters <wes@softweyr.com>, Kris Kennaway <kris@hub.freebsd.org>, TrouBle <trouble@netquick.net>, David G Andersen <danderse@cs.utah.edu>, freebsd-security@FreeBSD.ORG Subject: Re: secure filesystem wiping Message-ID: <199911190454.XAA42975@khavrinen.lcs.mit.edu> In-Reply-To: <Pine.BSF.4.01.9911182331400.18537-100000@phoenix.aye.net> References: <38347633.22E76DE0@softweyr.com> <Pine.BSF.4.01.9911182331400.18537-100000@phoenix.aye.net>
next in thread | previous in thread | raw e-mail | index | archive | help
<<On Thu, 18 Nov 1999 23:37:34 -0500 (EST), Barrett Richardson <barrett@phoenix.aye.net> said: > How about pseudo-random data? Aren't the passes with random data just > a little extra icing? The random(3) PRNG has a period of 2^69 (in its most secure mode), so I'd suggest that it probably is good enough. Just initialize thusly: static char statebuf[256]; initstate(1, statebuf, sizeof statebuf); srandomdev(); > Also, will my system choke if I mmap a 250 MB file on a system > with 32 MB of ram? Not at all. Demand paging works just the same for files as it does for swap. If you look at the output of `systat -v', you'll probably see that you already have many times the size of main memory mapped -- on my 64-MB desktop machine, I have almost 3 GB of extant memory mappings. It is possible, though, that madvise(..., MADV_SEQUENTIAL) might give better behavior. -GAWollman -- Garrett A. Wollman | O Siem / We are all family / O Siem / We're all the same wollman@lcs.mit.edu | O Siem / The fires of freedom Opinions not those of| Dance in the burning flame MIT, LCS, CRS, or NSA| - Susan Aglukark and Chad Irschick To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199911190454.XAA42975>