From owner-freebsd-hackers Fri Oct 18 09:17:04 1996
Return-Path: owner-hackers
Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id JAA04650 for hackers-outgoing; Fri, 18 Oct 1996 09:17:04 -0700 (PDT)
Received: from freefall.freebsd.org (localhost.cdrom.com [127.0.0.1]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id JAA04642; Fri, 18 Oct 1996 09:16:59 -0700 (PDT)
Message-Id: <199610181616.JAA04642@freefall.freebsd.org>
To: Joe Greco
cc: karl@mcs.net, jdp@polstra.com, ache@nagual.ru, guido@gvr.win.tue.nl, thorpej@nas.nasa.gov, phk@critter.tfs.com, freebsd-hackers@freebsd.org, tech-userlevel@netbsd.org
Subject: Re: cvs commit: src/lib/libc/db/hash hash_buf.c
In-reply-to: Your message of "Fri, 18 Oct 1996 08:24:48 CDT." <199610181324.IAA02709@brasil.moneng.mei.com>
Date: Fri, 18 Oct 1996 09:16:58 -0700
From: "Justin T. Gibbs"
Sender: owner-hackers@freebsd.org
X-Loop: FreeBSD.org
Precedence: bulk

>> Which is what is accomplished, just in this case it's by the kernel (where
>> security should be enforced) not by a library.
>
>I assume (hope!) that you are saying that the "fix" in the "kernel" is
>appropriate protection of the core file, not somehow mangling the contents
>of the core file to provide this protection.

Yes, it is by protecting the core file.

>> >What's the objection to clearing possibly-contaminated structures when a
>> >program signifies it's done with a privileged resource?
>>
>> It causes any db client to pay this penalty regardless of what is stored
>> in the database. That is bad design.
>
>Would it be possible to extend the db interface to have a "suicide call"
>that wiped itself clean? Something that would not interfere with normal
>db functions, but instead act as an extension?

It shouldn't be necessary if you protect the core dump, ptrace, kmem, etc.
paths of attacks. What happens if you core dump in the library or before
you can call the "cleanup" routine?

--
Justin T. Gibbs
===========================================
  FreeBSD: Turning PCs into workstations
===========================================