"secure" file flag?

Ceri Davies ceri at submonkey.net
Mon Nov 24 15:59:55 PST 2003

On Tue, Nov 18, 2003 at 04:31:32PM -0800, Rayson Ho wrote:
> I am wondering if it is useful to have a "secure" file flag??
> The secure file flag will be set for files that contain sensitive data.
> Then the OS will take special care when operating on those "secure"
> files.
> e.g. when deleting a "secure" file, the OS will overwrite the file with
> random data.

It would also be useful to have a "noexport" flag, which would have the
NFS code refuse to send it over the network.  I could personally use
this for setting on my PGP and SSH keys, while exporting the rest of

I did look at implementing this, but couldn't find the "correct" place
to do the check for the flag.  Any pointers for a kernel newbie?


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 187 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20031124/6da1060e/attachment.bin

More information about the freebsd-hackers mailing list