Skip site navigation (1)Skip section navigation (2)
Date:      Sun, 2 Dec 2001 01:08:49 +0000 (GMT)
From:      freebsd-security@rikrose.net
To:        security@FreeBSD.ORG
Subject:   Re: philosophical question...
Message-ID:  <Pine.LNX.4.21.0112020058020.4289-100000@pkl.net>
In-Reply-To: <5.0.2.1.1.20011201171925.035156f8@popserver.sfu.ca>

next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 1 Dec 2001, Colin Percival wrote:
> >Seems like an OpenBSD feature :P

>    Still, I have to agree that this sounds pretty OpenBSDish... looking at 
> the BSDs as a whole I'd say it would make sense for this to be added into 
> OpenBSD first and ported to FreeBSD once it has proved itself.

Anyone mind if I start a discussion about encrypted swap? I know I had the
option under OpenBSD (and yes, it was on), but I still don't understand
the implications.

At the lowest level, anyone who manages to get root on the box can't screw
around with programs whose image and data has gone to swap, at least not
in a non-fatal way, assuming theydon't know the seed for the random key
for that block of memory (is it even done this way. this is my guess).

However, there's still /dev/{k,}mem, etc, and I havent' put in the energy
into thinking about it, aside from noticing it was missing. If it is
deemed a vaguely sensible thing to do (by discussion on the list), could
it be added to the "list of things to do" if it isn't already? I'm
assuming the most sensible way to implement this is via a sysctl that
become read-only, after the kernel is loaded, like hw.ata.atapi_dma.

Anyway. Uhm. Is it sensible. If not, why not. Well, there is the argument
about /dev/mem always being readble. I suppose as a security thing, this
ought to be removed too... ACL's anyone?

Well, this is far less coherent that I expected. <shrug> responses?

-- 
PGP Key: D2729A3F - Keyserver: wwwkeys.uk.pgp.net - rich at rdrose dot org
Key fingerprint = 5EB1 4C63 9FAD D87B 854C  3DED 1408 ED77 D272 9A3F
Public key also encoded with outguess on http://rikrose.net


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.LNX.4.21.0112020058020.4289-100000>