From owner-freebsd-security@FreeBSD.ORG Mon Jun 19 14:29:59 2006
From: "Nick Borisov"
To: freebsd-security@freebsd.org
Date: Mon, 19 Jun 2006 18:29:57 +0400
Subject: Re: memory pages nulling when releasing
Message-ID: <3bcb4e3f0606190729ned52dbah2ab2477461cc6596@mail.gmail.com>
In-Reply-To: <3bcb4e3f0606190728m29b67270mda8088eab2ff0ba1@mail.gmail.com>
References: <44967861.6070509@obluda.cz> <20060619104258.66212.qmail@web30312.mail.mud.yahoo.com> <3bcb4e3f0606190728m29b67270mda8088eab2ff0ba1@mail.gmail.com>

2006/6/19, R. B. Riddick:
> But if a bad guy has already root access it does not really matter,
> (aa) if he has to wait for some minutes or hours,
> or
> (bb) if he has just a small time window
> or
> (cc) if he can immediately start with scanning for secrets in /dev/mem.

I would argue about this. Allowing an intruder to deal with your system even one extra minute may lead to tremendous losses depending on what kind of data your system operates with. As Dan mentioned, the cost of data defines the means of security you should use to protect it.

As for standards, they are Russian national governmental ones applying to computer systems that operate confidential, secret and more sensitive data.