Date: Thu, 16 Oct 1997 00:21:09 -0600 (MDT) From: Wes Peters <softweyr@xmission.com> To: "Christopher G. Petrilli" <petrilli@amber.org> Cc: chat@freebsd.org Subject: Re: C2 Trusted FreeBSD? Message-ID: <199710160621.AAA12392@obie.softweyr.ml.org> In-Reply-To: <Pine.BSF.3.96.971014221455.2865L-100000@dworkin.amber.org> References: <199710150202.VAA21041@nospam.hiwaay.net> <Pine.BSF.3.96.971014221455.2865L-100000@dworkin.amber.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Christopher G. Petrilli writes:
> It simply as to be cleared, that's all the requirements states. As for
> deallocate/allocate, that's a "preference", and in fact can be done on
> either because according to the TCSEC returning memory to the TCB (i.e.
> kernel) is not technically a change of ownership because the TCB is not an
> owner in the sense that this applies to. The TCB is trusted, therefore yo
> ucan do the clear on allocate, which is substantially easier over the long
> haul, and is what is commonly done.
Right, I'd fallen into the trap of thinking of the system as "root."
This is, of course, not true on secure systems. ;^)
> And Microsoft claims that NT is C2---they just forget that you can't have
> a network or floppy. :-)
DEC made VMS C2 somewhere along the way, so I guess it wouldn't be that
much of a trip to make VMS Jr. C2 as well. Which still doesn't answer
the question "why would anybody want that?" ;^)
--
"Where am I, and what am I doing in this handbasket?"
Wes Peters Softweyr LLC
http://www.xmission.com/~softweyr softweyr@xmission.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199710160621.AAA12392>