Date: Thu, 16 Oct 1997 00:21:09 -0600 (MDT)
From: Wes Peters <softweyr@xmission.com>
To: "Christopher G. Petrilli" <petrilli@amber.org>
Cc: chat@freebsd.org
Subject: Re: C2 Trusted FreeBSD?
Message-ID: <199710160621.AAA12392@obie.softweyr.ml.org>
In-Reply-To: <Pine.BSF.3.96.971014221455.2865L-100000@dworkin.amber.org>
References: <199710150202.VAA21041@nospam.hiwaay.net> <Pine.BSF.3.96.971014221455.2865L-100000@dworkin.amber.org>

Christopher G. Petrilli writes:
> It simply has to be cleared, that's all the requirement states. As for
> deallocate/allocate, that's a "preference", and in fact can be done on
> either because according to the TCSEC returning memory to the TCB (i.e.
> kernel) is not technically a change of ownership because the TCB is not an
> owner in the sense that this applies to. The TCB is trusted, therefore you
> can do the clear on allocate, which is substantially easier over the long
> haul, and is what is commonly done.

Right, I'd fallen into the trap of thinking of the system as "root."
This is, of course, not true on secure systems. ;^)

> And Microsoft claims that NT is C2---they just forget that you can't have
> a network or floppy. :-)

DEC made VMS C2 somewhere along the way, so I guess it wouldn't be
that much of a trip to make VMS Jr. C2 as well. Which still doesn't
answer the question "why would anybody want that?" ;^)

--
"Where am I, and what am I doing in this handbasket?"

Wes Peters
Softweyr LLC
http://www.xmission.com/~softweyr
softweyr@xmission.com