From owner-freebsd-security Mon Dec 3 9:30:23 2001 Delivered-To: freebsd-security@freebsd.org Received: from mail.unsecure.net (sense-sea-MegaSub-1-753.oz.net [216.39.146.245]) by hub.freebsd.org (Postfix) with ESMTP id 0559337B405 for ; Mon, 3 Dec 2001 09:30:07 -0800 (PST) Received: (from zach@localhost) by mail.unsecure.net (8.11.6/8.11.6) id fB3HYrY43739 for freebsd-security@FreeBSD.ORG; Mon, 3 Dec 2001 09:34:53 -0800 (PST) (envelope-from zach) Date: Mon, 3 Dec 2001 09:34:47 -0800 From: "Zachary M. Smith" To: freebsd-security@FreeBSD.ORG Subject: Re: philosophical question... Message-ID: <20011203093447.E32204@arbornet.org> Mail-Followup-To: freebsd-security@FreeBSD.ORG References: <20011203032305.K92148@elvis.mu.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="8P1HSweYDcXXzwPJ" Content-Disposition: inline User-Agent: Mutt/1.2.5i In-Reply-To: ; from rwatson@FreeBSD.ORG on Mon, Dec 03, 2001 at 07:44:24AM -0500 Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.org --8P1HSweYDcXXzwPJ Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable If we're talking about a userland. and having applications decide wether or not they want to use the new random malloc, maybe looking into setting up something like Darwin's 'defaults' would be a good way to go. -zach On Mon, Dec 03, 2001 at 07:44:24AM -0500, Robert Watson wrote: >=20 > On Mon, 3 Dec 2001, Alfred Perlstein wrote: >=20 > > * Oleg Cherkasov [011203 03:16] wrote: > > >=20 > > > Think a new key 'malloc.random' for sysctl could be more useful, prot= ected=20 > > > with 'kern.securelevel' > 1. > >=20 > > However, malloc(3) has nothing to do with the kernel. >=20 > Yeah, I'm not sure why it would be keyed off of 'securelevel'. Seems to > me that we should avoid any more userland cruft being associated > unnecessarily with securelevels, actually :-).=20 >=20 > And if we do stuff this in a securelevel, it sounds like we need a > userland. sysctl namespace. More likely, we just need > this to be a flag on /etc/malloc.conf.=20 >=20 > Robert N M Watson FreeBSD Core Team, TrustedBSD Project > robert@fledge.watson.org NAI Labs, Safeport Network Services >=20 >=20 > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-security" in the body of the message --=20 --8P1HSweYDcXXzwPJ Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (FreeBSD) Comment: For info see http://www.gnupg.org iD8DBQE8C7e3M6FaXlC3H6ARApJPAJ9nixMqxizD8dLQpykXhlVt+XVJ5QCfScJ5 rFoPNK3UiADaAUPNHI17kbk= =g+Dv -----END PGP SIGNATURE----- --8P1HSweYDcXXzwPJ-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message