Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S263465AbTEMVWQ (ORCPT ); Tue, 13 May 2003 17:22:16 -0400 Received: (majordomo@vger.kernel.org) by vger.kernel.org id S263437AbTEMVVl (ORCPT ); Tue, 13 May 2003 17:21:41 -0400 Received: from 34.mufa.noln.chcgil24.dsl.att.net ([12.100.181.34]:10746 "EHLO tabby.cats.internal") by vger.kernel.org with ESMTP id S262454AbTEMVVd (ORCPT ); Tue, 13 May 2003 17:21:33 -0400 Content-Type: text/plain; charset=US-ASCII From: Jesse Pollard To: Chuck Ebbert <76306.1226@compuserve.com>, Yoav Weiss Subject: Re: The disappearing sys_call_table export. Date: Tue, 13 May 2003 16:32:48 -0500 X-Mailer: KMail [version 1.2] Cc: linux-kernel@vger.kernel.org, alan@lxorguk.ukuu.org.uk References: <200305131048_MC3-1-38B1-E13F@compuserve.com> In-Reply-To: <200305131048_MC3-1-38B1-E13F@compuserve.com> MIME-Version: 1.0 Message-Id: <03051316324801.20373@tabby> Content-Transfer-Encoding: 7BIT Sender: linux-kernel-owner@vger.kernel.org X-Mailing-List: linux-kernel@vger.kernel.org Content-Length: 1612 Lines: 32 On Tuesday 13 May 2003 09:45, Chuck Ebbert wrote: > Jesse Pollard wrote: > > > However, it'll just give you false sense of security. First of all, > > > its hardware dependent. Second, it won't get wipe in case of a crash > > > (which is likely to happen when They come to take your disk). > > > > It is also not a valid wipe either. > > > > This particular object reuse assumes the hardware is in a secured area. > > If it is in a secured area then you don't need to wipe it. It remains > > completely under the systems control (even during a crash and reboot). > > The interval between crash and reboot is covered by the requirement to be > > in a secured area. > > ...until the admin walks in, shuts down the system, puts it on a cart > and hauls it out the door. Is he going to wipe the swap area before he > does that? Sure, you can write a procedure that says that's what he does > but he will not follow it (been there done that.) If you are in that situation, the what keeps him from just pulling the plug... Again, the swap doesn't get purged. If you are in a situation where swap must be purged (as I am) then you also know you can't just walk out the door with the system. There must be property passes, security passes, AND inventory documents that must also show the contents of the purged disks... signed off by the information security officer. - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/