On Fri, Nov 21, 2003 at 10:59:40AM +0100, Pawel Jakub Dawidek wrote:
>Such "secure" flag for running process could be also implemented with
>multiple meanings:

Is the "secure" flag intended to protect the process image from the invoking
user as well as other users?

>1. All freed pages have to be zeroed.
>2. All removed files have to be overwritten.
>3. Umask for newly created files should be 0077.
>4. "secure" flag for newly created files should be forced?
>5. ...

5. Modified pages can't be written to swap (unless swap is encrypted).
6. Process get setuid-type treatment of core-dumps and rtld environment etc
...

Peter
_______________________________________________
[EMAIL PROTECTED] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-hackers
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to