"secure" file flag?
Peter Jeremy
peterjeremy at optushome.com.au
Fri Nov 21 03:13:16 PST 2003
On Fri, Nov 21, 2003 at 10:59:40AM +0100, Pawel Jakub Dawidek wrote:
>Such "secure" flag for running process could be also implemented with
>multiple meanings:
Is the "secure" flag intended to protect the process image from the invoking
user as well as other users?
>1. All freed pages have to be zeroed.
>2. All removed files have to be overwritten.
>3. Umask for newly created files should be 0077.
>4. "secure" flag for newly created files should be forced?
>5. ...
5. Modified pages can't be written to swap (unless swap is encrypted).
6. Process get setuid-type treatment of core-dumps and rtld environment etc
...
Peter
More information about the freebsd-hackers
mailing list