Date: Fri, 21 Aug 1998 06:29:56 -0400 (EDT) From: Peter Dufault <dufault@hda.com> To: mike@smith.net.au (Mike Smith) Cc: matthew@wolfepub.com, freebsd-hackers@FreeBSD.ORG Subject: Re: Trapping memory Message-ID: <199808211029.GAA15161@hda.hda.com> In-Reply-To: <199808201558.PAA00613@dingo.cdrom.com> from Mike Smith at "Aug 20, 98 03:58:26 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
> A root compromise would be able to defeat the detection mechanism. > > You could increase the difficulty of recovering the key slightly by > obfuscating its storage, but protecting it completely would require > kernel modifications which could be reversed/removed/faked around by a > sufficiently persistent attacker. There are other advantages to having a clean interface for unmapping kernel data structures such as activating access to a subsystem data structure only when you know the subsystem is active. For all I know we have such an interface already. However, the easier it is to use the easier the defeat will be, and there is always physical memory access anyway. Peter -- Peter Dufault (dufault@hda.com) Realtime development, Machine control, HD Associates, Inc. Safety critical systems, Agency approval To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199808211029.GAA15161>