Re: The disappearing sys_call_table export.

From: Jesse Pollard (jesse@cats-chateau.net)
Date: Tue May 13 2003 - 16:32:48 EST


On Tuesday 13 May 2003 09:45, Chuck Ebbert wrote:
> Jesse Pollard wrote:
> > > However, it'll just give you false sense of security. First of all,
> > > its hardware dependent. Second, it won't get wipe in case of a crash
> > > (which is likely to happen when They come to take your disk).
> >
> > It is also not a valid wipe either.
> >
> > This particular object reuse assumes the hardware is in a secured area.
> > If it is in a secured area then you don't need to wipe it. It remains
> > completely under the systems control (even during a crash and reboot).
> > The interval between crash and reboot is covered by the requirement to be
> > in a secured area.
>
> ...until the admin walks in, shuts down the system, puts it on a cart
> and hauls it out the door. Is he going to wipe the swap area before he
> does that? Sure, you can write a procedure that says that's what he does
> but he will not follow it (been there done that.)

If you are in that situation, the what keeps him from just pulling the plug...
Again, the swap doesn't get purged.

If you are in a situation where swap must be purged (as I am) then you also
know you can't just walk out the door with the system. There must be property
passes, security passes, AND inventory documents that must also show the
contents of the purged disks... signed off by the information security
officer.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Thu May 15 2003 - 22:00:48 EST