On Sun, 26 Mar 2000, Alan Cox wrote:
>> So...scenario...suppose we have a Compartmented Mode Computer that
>> enforces Mandatory Access. Users who log in don't know about each other and
>
>Firstly you need to look up what compartmented mode implies. You cannot do
>a single fixed memory pool on a compartmented mode system or processes can
>signal across the security boundary using out of memory as indications.
Only on overcommited systems.
>You have to have some per security level swap pools or randomising (and the
>per security swap pool is more effective anyway) since it stops people slapping
>a viterbi codec across the memory signalling and laughing at your randomised
>errors.
Not really.. all it takes is a guaranteed memory allocation. No overcommitting
memory. Thats the way it works with UNICOS, and I believe that is the same
for trusted HP/UX and trusted Solaris. I have seen it with trusted IRIX.
Processes also can't signal via memory signals this way since the signals
can't be generated.
-------------------------------------------------------------------------
Jesse I Pollard, II
Email: pollard@cats-chateau.net
Any opinions expressed are solely my own.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Mar 31 2000 - 21:00:18 EST