From owner-freebsd-security  Tue Jul 18 22:44:40 2000
Delivered-To: freebsd-security@freebsd.org
Received: from axl.ops.uunet.co.za (axl.ops.uunet.co.za [196.31.2.163])
	by hub.freebsd.org (Postfix) with ESMTP id 4435B37B5C6
	for <freebsd-security@freebsd.org>; Tue, 18 Jul 2000 22:44:28 -0700 (PDT)
	(envelope-from sheldonh@axl.ops.uunet.co.za)
Received: from sheldonh (helo=axl.ops.uunet.co.za)
	by axl.ops.uunet.co.za with local-esmtp (Exim 3.15 #1)
	id 13Emcy-00081u-00; Wed, 19 Jul 2000 07:42:40 +0200
From: Sheldon Hearn <sheldonh@uunet.co.za>
To: Mike Silbersack <silby@silby.com>
Cc: Joachim =?iso-8859-1?Q?Str=F6mbergson?= <watchman@ludd.luth.se>,
	Greg Lewis <glewis@trc.adelaide.edu.au>, freebsd-security@FreeBSD.ORG
Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? 
In-reply-to: Your message of "Tue, 18 Jul 2000 18:44:28 EST."
             <Pine.BSF.4.21.0007181838570.28415-100000@achilles.silby.com> 
Date: Wed, 19 Jul 2000 07:42:40 +0200
Message-ID: <30869.963985360@axl.ops.uunet.co.za>
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org



On Tue, 18 Jul 2000 18:44:28 EST, Mike Silbersack wrote:

> Hence, one obtaining access to the swap file does have greater
> knowledge than they would with a crypted swap.  His paper seems well
> written, I suggest that you read it.

I read some of it.  Two things occur to me:

1) It's close to a waste of time in the absence of crypted filesystems.

2) The kind of access required to read the swap device usually implies a
   much more serious issue than a crypted swap is going to help you
   with.

That said, it _does_ provide some kind of damage control.  It's just not
as useful as people sometimes assume. :-)

Ciao,
Sheldon.


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message