Date: Tue, 14 Oct 1997 08:29:52 -0700 (PDT)
From: Brian Beattie
To: Christopher Petrilli
cc: Brian Mitchell, Colman Reilly, Douglas Carmichael, freebsd-hackers@FreeBSD.ORG, freebsd-security@FreeBSD.ORG
Subject: Re: C2 Trusted FreeBSD?
In-Reply-To: <199710132110.RAA29578@dworkin.amber.org>

On Mon, 13 Oct 1997, Christopher Petrilli wrote:
>
> That having been said, there is one other requirement that would need to
> be addressed:
>
> * Object Reuse (2.2.1.2)
>
> This is defined as follows:
>
> "All authorizations to the information contained within a storage object
> shall be revoked prior to initial assignment, allocation or reallocation
> to a subject from the TCB's pool of unused storage objects. No
> information, including encrypted representations of information, produced
> by a prior subject's actions is to be available to any subject that
> obtains access to an object that has been released back to the system."
>
> Basically, we need to purge all memory when it is allocated, or
> deallocated.
>

Nope, only when it is allocated, and this is already done. The reason is
that until it is allocated, no "subject" has access to the "object".
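The allocation-time clearing discussed in this message can be observed from user space. The C check below is an added example, not part of the original message or of FreeBSD's code; it assumes a POSIX system with anonymous mmap, and the function name residue_after_realloc and the 0xA5 marker are constructed for illustration. It runs in a single process, so it shows that pages arrive zero-filled at allocation even though nothing scrubs them at release; it does not by itself prove cross-subject isolation.

```c
/* Added example: check that anonymous memory handed out by the kernel
 * is zero-filled at allocation time, even after a prior mapping held data. */
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE          /* expose MAP_ANONYMOUS on glibc */
#endif
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

#ifndef MAP_ANONYMOUS
#define MAP_ANONYMOUS MAP_ANON   /* BSD spelling */
#endif

/* Returns the number of non-zero bytes seen in freshly mapped memory
 * across `rounds` allocate/dirty/release cycles, or -1 on failure. */
long residue_after_realloc(size_t pages, int rounds)
{
    size_t len = pages * (size_t)sysconf(_SC_PAGESIZE);
    long residue = 0;

    for (int r = 0; r < rounds; r++) {
        unsigned char *p = mmap(NULL, len, PROT_READ | PROT_WRITE,
                                MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
        if (p == MAP_FAILED)
            return -1;

        /* Inspect the object as allocated, before this "subject" writes. */
        for (size_t i = 0; i < len; i++)
            if (p[i] != 0)
                residue++;

        /* Dirty every byte (constructed marker), then release the object
         * without scrubbing it: nothing is cleared at deallocation. */
        memset(p, 0xA5, len);
        if (munmap(p, len) != 0)
            return -1;
    }
    return residue;
}

int main(void)
{
    long n = residue_after_realloc(64, 8);
    printf("non-zero bytes in newly allocated pages: %ld\n", n);
    return n == 0 ? 0 : 1;
}
```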