On Llu, 2003-05-12 at 23:12, Valdis.Kletnieks@vt.edu wrote:
> > "That can be done manually" does not get you the check mark in
> > the list of features. Management wants idiot-resistant security.
>
> In particular, the code that handles the zeroing out of resource objects
> before re-use needs to be "inside" the trusted-base perimeter. This has
> been well-understood for years - even my August 83 copy of the Orange Book
> says (for class C2):
1. Base Linux is not C2 certified
2. C2 is obsolete
3. NSA SELinux can do the needed stuff from scanning the code
4. Even then data erasure is not guaranteed because of the drive logic
So you are back to crypting swap in the first place
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu May 15 2003 - 22:00:42 EST