From: Peter Dufault
Message-Id: <199808211029.GAA15161@hda.hda.com>
Subject: Re: Trapping memory
In-Reply-To: <199808201558.PAA00613@dingo.cdrom.com> from Mike Smith at "Aug 20, 98 03:58:26 pm"
To: mike@smith.net.au (Mike Smith)
Date: Fri, 21 Aug 1998 06:29:56 -0400 (EDT)
Cc: matthew@wolfepub.com, freebsd-hackers@FreeBSD.ORG

> A root compromise would be able to defeat the detection mechanism.
>
> You could increase the difficulty of recovering the key slightly by
> obfuscating its storage, but protecting it completely would require
> kernel modifications which could be reversed/removed/faked around by a
> sufficiently persistent attacker.

There are other advantages to having a clean interface for unmapping
kernel data structures such as activating access to a subsystem data
structure only when you know the subsystem is active. For all I know
we have such an interface already. However, the easier it is to use,
the easier the defeat will be, and there is always physical memory
access anyway.

Peter

--
Peter Dufault (dufault@hda.com)   Realtime development, Machine control,
HD Associates, Inc.               Safety critical systems, Agency approval